Connecting to an instance in the cloud can be a little bit tricky. Being able to SSH into your running machines is a must however since you will need to do some configuration, maintenance, and debugging. In this post, I will show you how to connect to your Ubuntu-based EC2 instance from the command line. On Windows, we can use a tool like Git Bash or Cygwin to get a Unix-like environment. On Mac and Linux, you can use the built-in terminal without much trouble.
What Is SSH?
SSH stands for Secure Shell or Secure Socket Shell, which is a network protocol that gives system administrators, a highly secure method of accessing a computer over various types of computer networks. Some of these networks may not be entirely secure, so a solution like Secure Socket Shell is needed. SSH also refers to the suite of tools that implement the SSH protocol.
SSH Key Pair
The key to successful SSH communication is the Key Pair. We saw how to generate a key pair in the Create An Ubuntu Server tutorial. This puts the public key on the server for you while the private key is downloaded to your local machine. Make sure you keep this key safe and private to ensure the security of your instance running in the cloud!
Storing the private .pem file
The file that is downloaded from Amazon Web Services when you create a key pair is in the PEM format. PEM files are joined together by certificate containers which are often used in certificate installations when multiple certificates that form a complete chain are being imported as a single file. PEM files are defined as standards in RFCs 1421 through 1424.
It makes perfect sense to simply put the private file, which we have named “lemp.pem” in a directory of our choosing which in our case is simply named “aws”. Ok, the Ubuntu instance is running, and you have your private key file, now what? Well, next up let’s click on the instance in the AWS dashboard and we’ll see an option to “Connect”.
When you click this option, you’ll get some great options to connect to your running Ubuntu server. Note that EC2 Instance Connect only works with the official Amazon AMI Images so that is not an option. You do have the SSH client highlighted by default and that is the choice we will make now.
You may notice the option to Connect to your instance using its Public DNS for example ec2-54-165-120-73.compute-1.amazonaws.com in our case.
We can try this right away and you’ll get some feedback like “
The authenticity of host ‘ec2-54-165-120-73.compute-1.amazonaws.com (18.104.22.168)’ can’t be established. ED25519 key fingerprint is SHA256:cqmUzwyi/Ib8AcM2g4Zoy8j3rlei8P0C6GTFxfTjyD0.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])?”
We type “yes“. Upon typing this, we see an alarming message!
Warning: Permanently added ‘ec2-54-165-120-73.compute-1.amazonaws.com’ (ED25519) to the list of known hosts.
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
Permissions 0644 for ‘lemp.pem’ are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key “lemp.pem”: bad permissions
firstname.lastname@example.org: Permission denied (publickey).
This is why you must follow directions step by step! Here are the complete steps:
- Open an SSH client.
- Locate your private key file. The key used to launch this instance is lemp.pem
- Run this command, if necessary, to ensure your key is not publicly viewable.
- chmod 400 lemp.pem
- Connect to your instance using its Public DNS:
For example: ssh -i “lemp.pem” email@example.com
SSH Connection Successful
Once we follow those steps just above, we’ll get the familiar welcome screen for Ubuntu server which might look something like this.
Welcome to Ubuntu 22.04 LTS (GNU/Linux 5.15.0-1011-aws x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage System information as of Tue Sep 13 21:00:02 UTC 2022 System load: 0.0 Processes: 98 Usage of /: 19.1% of 7.58GB Users logged in: 0 Memory usage: 21% IPv4 address for eth0: 172.31.93.141 Swap usage: 0% 0 updates can be applied immediately. The list of available updates is more than a week old. To check for new updates run: sudo apt update The programs included with the Ubuntu system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. To run a command as administrator (user "root"), use "sudo <command>". See "man sudo_root" for details.
Navigating Ubuntu Once Logged In
Once you’re logged in, it’s easy to navigate your way around the machine using the familiar Linux commands that you know and love.
ubuntu@ip-172-31-93-141:~$ pwd /home/ubuntu ubuntu@ip-172-31-93-141:~$ ls -la total 28 drwxr-x--- 4 ubuntu ubuntu 4096 Sep 13 21:00 . drwxr-xr-x 3 root root 4096 Sep 13 20:38 .. -rw-r--r-- 1 ubuntu ubuntu 220 Jan 6 2022 .bash_logout -rw-r--r-- 1 ubuntu ubuntu 3771 Jan 6 2022 .bashrc drwx------ 2 ubuntu ubuntu 4096 Sep 13 21:00 .cache -rw-r--r-- 1 ubuntu ubuntu 807 Jan 6 2022 .profile drwx------ 2 ubuntu ubuntu 4096 Sep 13 20:38 .ssh ubuntu@ip-172-31-93-141:~$ cd / ubuntu@ip-172-31-93-141:/$ ls -la total 72 drwxr-xr-x 19 root root 4096 Sep 13 20:38 . drwxr-xr-x 19 root root 4096 Sep 13 20:38 .. lrwxrwxrwx 1 root root 7 Jun 9 11:21 bin -> usr/bin drwxr-xr-x 4 root root 4096 Jun 9 11:25 boot drwxr-xr-x 17 root root 3220 Sep 13 20:38 dev drwxr-xr-x 98 root root 4096 Sep 13 20:38 etc drwxr-xr-x 3 root root 4096 Sep 13 20:38 home lrwxrwxrwx 1 root root 7 Jun 9 11:21 lib -> usr/lib lrwxrwxrwx 1 root root 9 Jun 9 11:21 lib32 -> usr/lib32 lrwxrwxrwx 1 root root 9 Jun 9 11:21 lib64 -> usr/lib64 lrwxrwxrwx 1 root root 10 Jun 9 11:21 libx32 -> usr/libx32 drwx------ 2 root root 16384 Jun 9 11:23 lost+found drwxr-xr-x 2 root root 4096 Jun 9 11:21 media drwxr-xr-x 2 root root 4096 Jun 9 11:21 mnt drwxr-xr-x 2 root root 4096 Jun 9 11:21 opt dr-xr-xr-x 159 root root 0 Sep 13 20:37 proc drwx------ 4 root root 4096 Sep 13 20:38 root drwxr-xr-x 26 root root 840 Sep 13 21:00 run lrwxrwxrwx 1 root root 8 Jun 9 11:21 sbin -> usr/sbin drwxr-xr-x 8 root root 4096 Jun 9 11:25 snap drwxr-xr-x 2 root root 4096 Jun 9 11:21 srv dr-xr-xr-x 13 root root 0 Sep 13 20:37 sys drwxrwxrwt 12 root root 4096 Sep 13 20:38 tmp drwxr-xr-x 14 root root 4096 Jun 9 11:21 usr drwxr-xr-x 13 root root 4096 Jun 9 11:22 var
Note that all of the information for this particular Ubuntu instance has now been removed as it was only used for demonstration purposes in this tutorial!
Learn More About SSH and Ubuntu on AWS
- Connect to EC2 instance using SSH and Ubuntu terminal (www.beginninglinux.com)
- How to SSH to EC2 Instance on AWS – For Beginners of Amazon (99robots.com)
- Connect to your Linux instance using SSH – Amazon (docs.aws.amazon.com)
- Connecting to EC2 Instance (Ubuntu) via SSH – Best Practices, (queirozf.com)
- How to use SSH to Connect to Ubuntu EC2 Instances (www.youtube.com)
- New: Using Amazon EC2 Instance Connect for SSH (aws.amazon.com)
- Allowing users to ssh to an EC2 Ubuntu instance? (stackoverflow.com)
- ssh – How to connect EC2 instance to Netbeans remote (askubuntu.com)
- ubuntu – Unable to SSH to EC2 – Server Fault (serverfault.com)
- How to set up SFTP server on Ubuntu(AWS-EC2) – Medium (blog.devgenius.io)
- Connecting via SSH from one EC2 instance to another (dev.to)
- Set up SFTP server on Ubuntu using Public Key Auth(AWS-EC2) (qiita.com)
- How to connect to AWS ec2 instance using Putty & SSH (www.how2shout.com)