Connect to your Amazon AWS EC2 Linux machine using SSH and PuTTY in Windows

Amazon Web Services (AWS) has offered a free usage tier for a couple months now to new customers. This allows you to establish an Amazon AWS account, set up a single Linux (micro-instance) machine and run it 24 x 7 for up to 1 year without any charges, provided that you don’t go over the upload/download bandwidth limits or other restrictions on this free tier plan. The free usage tier also includes other AWS services such as elastic load balancing, S3 storage, SimpleDB, Simple Queue and Notification Services and more. For complete details on this free cloud server offer and to set up your account, click here.

I’ve been running a few of these Linux servers in Amazon AWS EC2 for a couple months now and even at what I would consider similar usage with regular fees, one of these virtual machines will only cost you $12-$15 per month and you can easily run several web sites and small databases on one server.

After you establish your account, log in to the AWS Management Console and launch your Linux-based AMI (Amazon Machine Image, what Amazon calls its virtual machine templates; we’ll deal with Windows-based machines later), you will need to connect to the machine to configure your applications. When you establish your account and launch your first AMI, you’ll be prompted to create a new public-private key pair, which is used for authentication to Linux machines and for initial administrator password decryption on Windows machines. The private key file you download while creating your key pair is in Privacy Enhanced Mail (PEM) format, which is a Base64-encoded DER format, and will look something like this (I’ve obviously obscured most of the certificate body here):

-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAt8P4yeQQc2+ASAh6ea6Kcd78jq6zupwE/0gkvR0UW5DjaCNwtM041mMzTevd
………………………………………………………………….
………………………………………………………………….
………………………………………………………………….
………………………………………………………………….
………………………………………………………………….
………………………………………………………………….
dtpRGq9Lp388kwMIfkErqO0WZ02nQQIo6C49keR4bf/i2FqgjEXr0PNhEBCWYvRh3/YW
-----END RSA PRIVATE KEY-----

You can use this PEM format private key natively with SSH clients like OpenSSH, but if you’re primarily a Windows client user then I’m sure you’re familiar with the de facto standard, PuTTY. To use your Amazon AWS private key with PuTTY you first need to convert it to PPK (PuTTY Private Key file) format, which will look something like this:

PuTTY-User-Key-File-2: ssh-rsa
Encryption: aes256-cbc
Comment: aws-xxxxxxxx
Public-Lines: 6
AAAAB3NzaC1yc2EAAAADAQABAAABAQC3w/jJ5BBzb4BICHp5ropx3vyOrrO6nAT/
………………………………………………………
………………………………………………………
………………………………………………………
………………………………………………………
………………………………………………………
………………………………………………………
Private-Lines: 14
/Y7JDPgmFqqDiLobK54lVDc4x86HgCqH/bUhurakVo6gPXueUoa4BC1uCeUZPa3r
………………………………………………………
………………………………………………………
………………………………………………………
………………………………………………………
………………………………………………………
………………………………………………………
………………………………………………………
………………………………………………………
………………………………………………………
………………………………………………………
………………………………………………………
………………………………………………………
………………………………………………………

Convert PEM format key to PuTTY private key (PPK) format.

  1. Run PuTTY Key Generator, PuTTYgen.exe, from your PuTTY download folder.
  2. Select the Conversions menu, choose the Import Key option and select your AWS account private key file, e.g. aws-default-pk.pem
  3. Enter a meaningful key comment, e.g. aws-default-pk
  4. Enter a key passphrase and confirm it. Choose a secure passphrase; it will be required whenever you use your private key for authentication.
  5. Click the Save private key button to save your PPK file for use with PuTTY.
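After step 5 there are two copies of the key on disk: the new PPK, encrypted with the passphrase from step 4, and the original PEM, which has no passphrase. The following added example (not part of the original post) parses the PPK header layout shown above and reports whether a key file is passphrase-protected; the sample keys are constructed placeholders and the function names are hypothetical.

```python
import re

# Constructed placeholder key files (not real key material).
SAMPLE_PPK = """PuTTY-User-Key-File-2: ssh-rsa
Encryption: aes256-cbc
Comment: aws-default-pk
Public-Lines: 2
QUFBQQ==
QkJCQg==
Private-Lines: 1
Q0NDQw==
Private-MAC: 0000000000000000000000000000000000000000
"""
SAMPLE_PEM = "-----BEGIN RSA PRIVATE KEY-----\nQUFBQQ==\n-----END RSA PRIVATE KEY-----\n"

def parse_ppk(text):
    """Parse the header fields and base64 sections of a .ppk file."""
    lines = text.strip().splitlines()
    m = re.match(r"PuTTY-User-Key-File-(\d+): (\S+)$", lines[0].strip())
    if not m:
        raise ValueError("not a PuTTY private key file")
    info = {"version": int(m.group(1)), "algorithm": m.group(2)}
    i = 1
    while i < len(lines):
        key, _, value = lines[i].partition(": ")
        i += 1
        if key.endswith("-Lines"):
            # "<Name>-Lines: N" is followed by N lines of base64 data.
            count = int(value)
            info[key[:-6].lower()] = "".join(s.strip() for s in lines[i:i + count])
            i += count
        else:
            info[key.lower()] = value.strip()
    return info

def key_file_protection(text):
    """Return 'encrypted', 'unencrypted' or 'unknown' for a key file."""
    text = text.strip()
    if text.startswith("PuTTY-User-Key-File-"):
        enc = parse_ppk(text).get("encryption", "none")
        return "unencrypted" if enc == "none" else "encrypted"
    first = text.splitlines()[0] if text else ""
    if first.startswith("-----BEGIN ") and first.endswith("PRIVATE KEY-----"):
        if "OPENSSH" in first:
            return "unknown"  # cipher name is inside the base64 body
        if "Proc-Type: 4,ENCRYPTED" in text or "ENCRYPTED PRIVATE KEY" in first:
            return "encrypted"
        return "unencrypted"
    return "unknown"
```

Run key_file_protection over the contents of each key file you keep; any result of "unencrypted" marks a file that anyone with read access can use without a passphrase.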

Now you have two options. You can add your private key file to the PuTTY authentication agent, PAGEANT.exe, which lets you make multiple connections to your remote SSH server without manually specifying the key and passphrase each time, or you can specify the key file and passphrase in PuTTY for each connection attempt.

Option 1 – Use PAGEANT to load your private key in to memory and connect to your remote SSH server.

  1. Run PAGEANT.exe from your PuTTY download folder.
  2. Right-click on the PAGEANT icon in your Windows system tray and select Add Key from the menu.
  3. Select your PPK file and click Open.
  4. Enter your key passphrase to decrypt your private key and save it to memory. Important: you should read the section titled 9.5 Security Considerations in the PAGEANT help file so you are aware of the concerns regarding Windows memory management and the use of PAGEANT to store decrypted private keys in memory.
  5. Now, run PUTTY.exe and enter your remote SSH server host name in to the Host Name (or IP address) field.
  6. Click on the Open button to establish your SSH client connection to the remote SSH server.

  7. In the SSH session dialog you will notice that your session is authenticated using your private key provided by the PuTTY authentication agent.

Option 2 – Specify key file and passphrase for each connection.

  1. Run PUTTY.exe, in the left side Category tree, expand Connection, then SSH and select the Auth option.
  2. In the right side options, under the Private key file for authentication option, click the Browse button and select your PPK file.

  3. In the left side Category tree, return to the Session option and in the right side options enter your remote SSH server host name or IP address in the Host Name (or IP address) field.
  4. Click on the Open button to establish your SSH client connection to the remote SSH server.

  5. In the SSH session dialog you will be prompted to enter your private key passphrase and you will then be authenticated to the remote server.

Now that you are successfully connected to your Amazon AWS EC2 “cloud” server you can continue configuring your server.

Stay tuned for my recipe for setting up a WordPress and Magento server on Amazon Linux/CentOS and using SSH tunneling to securely access MySQL on your remote server as well as setting up a Windows machine with an SSH server to provide secure access to common Windows administration protocols like RDP.
