Remote logins to Amazon VMs can be performed by SSH key authentication only. On Linux and OSX machines, this is straightforward since both come pre-installed with an OpenSSH client. Windows does not, and will need additional software to be installed manually. This page explains how to connect to an Amazon EC2 instance and assumes that you already have an instance running that is configured to accept your existing private key.
Establishing SSH connections using Linux / OSX
First, determine the hostname of the Amazon EC2 machine you wish to connect to. This information is available on the ‘EC2’ tab of the AWS Management Console. Select ‘Instances’, then choose the instance you wish to connect to. On the bottom pane, look for ‘Public DNS’.
For UNIX-like machines, you will need to open a command line shell using a terminal emulator. On OSX, open the ‘Terminal’ application. On Linux, there are a variety of programs you could use, such as Xterm, Konsole, etc.
At the command prompt, use ‘ssh’ to connect to the remote machine. You may need to specify which private key to use. This is specified with the ‘-i’ switch. If you created a key using the Amazon web interface, use the ‘-i’ switch to specify the path to the file you downloaded.
ssh -o StrictHostKeyChecking=no -i ~/Downloads/my-microbase-test-key.pem firstname.lastname@example.org
Alternatively, if the key that you’re using is in the default one in your ‘.ssh’ directory, then you won’t need to specify the key explicitly.
- -o StrictHostKeyChecking=no – Disables remote host key checks. Usually when you use SSH, you connect to the same trusted machine over and over again. In order to be sure that the machine really is the same each time, SSH checks the machine’s key to make sure it matches the previously recorded key. However, Amazon recycle their public DNS names to different instances when VMs are shut down. Unfortunately, the default behaviour of SSH can lead to problems connecting to Amazon machines if you’ve previously connected to the same EC2 public DNS that was running a different instance. In this case, SSH (incorrectly) assumes that someone is trying to snoop on your network traffic.
- -i ~/Downloads/my-microbase-test-key.pem – Points SSH at a private key to use for this connection. You should replace the path shown here with the location of the key on your machine. The private key you use must match the public key that your instance was started with, otherwise your login attempt will be refused.
- ubuntu@ – the username to attempt to login with. Unless you have created other users on your instance, ‘ubuntu’ is the only login name that will work here.
- ec2-176-34-173-255.eu-west-1.compute.amazonaws.com – this is the public DNS name of the instance to connect to, obtained from the AWS Management Console.