AWS

Using SSH in AWS

Leave a comment

SSH stands for Secure Shell and it allows you to control an AWS EC2 instances from a remote terminal from a command line interface.  

1.   The following is required before you create IAM user for your AWS Free Tier Account.

  • An Active AWS Account with admin level permissions 
    • The PEM file for your EC2 instance, this was downloaded when you created the instance 
    • The public IP address of your EC2 instance  

2.   Logon to AWS as an IAM user at URL:  https://signin.aws.amazon.com/

3.   From the Home Console type EC2 in the search bar, select the star next to EC2, and select EC2

4.   On the right hand menu bar select Instances.

5.   We currently have one EC2 Instances built out, click on the Instance ID you want.

6.   Record the public IP address of your EC2 Instance:  44.201.140.161

7.   We stored all of our AWS files under c:\aws_files including the required PEM file (mysql.pem for this process.   NOTE:  Ensure that you do not have any spaces in the name of your PEM file or this process will not work.

8.   Verify that you have allowed the port connection on 22 from everywhere in the security group of you instance.   This can be verified by going to the security tab and scrolling down to Inbound Rules.

9.   By default AWS EC2 instances already have a user created called ec2-user.   So we can test our connection to EC2 via this account.

10.   Open a power shell and move to the directory of your AWS files.

11.   Retrieve the username you are currently logon as with the command $env:username

12.   Change the permissions on you PEM file to only allow access to this user.

   $filePath = “C:\aws_files\mysql.pem”
  $acl = Get-Acl -Path $filePath

   $username = “larry”  # Use “Username” for local accounts
  $fileSystemRights = “FullControl” # e.g., Read, Write, Modify, FullControl

$accessControlType = “Allow”

$acl = Get-Acl -Path $filePath
$accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule($username, $fileSystemRights, $accessControlType)

$acl.SetAccessRuleProtection($True, $False)
$acl.Access | ForEach-Object {$acl.RemoveAccessRule($_)}
$acl.AddAccessRule($accessRule)

Set-Acl -Path $filePath -AclObject $acl

13.   To configure your PEM file for use in the connection, execute command ssh -i <PEM_file> <username>@<public_ip_of_ec2_instance>

  ssh -i ./mysql.pem ec2-user@44.201.140.161

14.   You are now logon to your EC2 Instance.

Leave a Reply