Pages

Tuesday, September 12, 2017

Connecting to Your AWS Linux Instance from MacOS Using PuTTY for Mac

Connecting to Your ( Amazon Elastic Compute Cloud ) AWS Linux Instance from MacOS Using PuTTY for Mac.

After you launch your instance, you can connect to it and use it the way that you'd use a computer sitting in front of you.

Note

After you launch an instance, it can take a few minutes for the instance to be ready so that you can connect to it. Check that your instance has passed its status checks - you can view this information in the Status Checks column on the Instances page.

The following instructions explain how to connect to your instance using PuTTY for Mac, a SSH client for Windows that has been ported to MacOS. If you receive an error while attempting to connect to your instance.

Prerequisites

Before you connect to your Linux instance using PuTTY, complete the following prerequisites:
  • Install PuTTY
    Download and install PuTTY from the PuTTY for Mac store. If you already have an older version of PuTTY for Mac installed, we recommend that you download the latest version. Be sure to install the entire suite.
  • Get the ID of the instance
    You can get the ID of your instance using the Amazon EC2 console (from the Instance ID column). If you prefer, you can use the describe-instances (AWS CLI) or Get-EC2Instance (AWS Tools for Windows PowerShell) command.
  • Get the public DNS name of the instance
    You can get the public DNS for your instance using the Amazon EC2 console (check the Public DNS (IPv4) column; if this column is hidden, choose the Show/Hide icon and select Public DNS (IPv4)). If you prefer, you can use the describe-instances (AWS CLI) or Get-EC2Instance (AWS Tools for Windows PowerShell) command.
  • (IPv6 only) Get the IPv6 address of the instance
    If you've assigned an IPv6 address to your instance, you can optionally connect to the instance using its IPv6 address instead of a public IPv4 address or public IPv4 DNS hostname. Your local computer must have an IPv6 address and must be configured to use IPv6. You can get the IPv6 address of your instance using the Amazon EC2 console (check the IPv6 IPs field). If you prefer, you can use the describe-instances (AWS CLI) or Get-EC2Instance (AWS Tools for Windows PowerShell) command. For more information about IPv6, see IPv6 Addresses.
  • Locate the private key
    Get the fully qualified path to the location on your computer of the .pem file for the key pair that you specified when you launched the instance.
  • Enable inbound SSH traffic from your IP address to your instance
    Ensure that the security group associated with your instance allows incoming SSH traffic from your IP address. The default security group does not allow incoming SSH traffic by default.

Starting a PuTTY Session

Use the following procedure to connect to your Linux instance using PuTTY. You need the .ppk file that you created for your private key. If you receive an error while attempting to connect to your instance, see Troubleshooting Connecting to Your Instance.

To start a PuTTY session
  1. (Optional) You can verify the RSA key fingerprint on your instance using the get-console-output (AWS CLI) command on your local system (not on the instance). This is useful if you've launched your instance from a public AMI from a third party. Locate the SSH HOST KEY FINGERPRINTS section, and note the RSA fingerprint (for example, 1f:51:ae:28:bf:89:e9:d8:1f:25:5d:37:2d:7d:b8:ca:9f:f5:f1:6f) and compare it to the fingerprint of the instance.
    Copy
    aws ec2 get-console-output --instance-id instance_id
    Here is an example of what you should look for:
    -----BEGIN SSH HOST KEY FINGERPRINTS-----
    ... 1f:51:ae:28:bf:89:e9:d8:1f:25:5d:37:2d:7d:b8:ca:9f:f5:f1:6f ...
    -----END SSH HOST KEY FINGERPRINTS-----
    Note that the SSH HOST KEY FINGERPRINTS section is only available after the first boot of the instance.
  2. Start PuTTY (from the Start menu, choose All Programs > PuTTY > PuTTY).
  3. In the Category pane, select Session and complete the following fields:
    1. In the Host Name box, enter user_name@public_dns_name. Be sure to specify the appropriate user name for your AMI. For example:
      • For an Amazon Linux AMI, the user name is ec2-user.
      • For a RHEL AMI, the user name is ec2-user or root.
      • For an Ubuntu AMI, the user name is ubuntu or root.
      • For a Centos AMI, the user name is centos.
      • For a Fedora AMI, the user name is ec2-user.
      • For SUSE, the user name is ec2-user or root.
      • Otherwise, if ec2-user and root don't work, check with the AMI provider.
    2. (IPv6 only) To connect using your instance's IPv6 address, enter user_name@ipv6_address. Be sure to specify the appropriate user name for your AMI. For example:
      • For an Amazon Linux AMI, the user name is ec2-user.
      • For a RHEL AMI, the user name is ec2-user or root.
      • For an Ubuntu AMI, the user name is ubuntu or root.
      • For a Centos AMI, the user name is centos.
      • For a Fedora AMI, the user name is ec2-user.
      • For SUSE, the user name is ec2-user or root.
      • Otherwise, if ec2-user and root don't work, check with the AMI provider.
    3. Under Connection type, select SSH.
    4. Ensure that Port is 22.

    
       PuTTY configuration - Session
  4. In the Category pane, expand Connection, expand SSH, and then select Auth. Complete the following:
    1. Choose Browse.
    2. Select the .ppk file that you generated for your key pair, and then choose Open.
    3. (Optional) If you plan to start this session again later, you can save the session information for future use. Select Session in the Category tree, enter a name for the session in Saved Sessions, and then choose Save.
    4. Choose Open to start the PuTTY session.

    
       PuTTY configuration - Auth
  5. If this is the first time you have connected to this instance, PuTTY displays a security alert dialog box that asks whether you trust the host you are connecting to.
  6. (Optional) Verify that the fingerprint in the security alert dialog box matches the fingerprint that you previously obtained in step 1. If these fingerprints don't match, someone might be attempting a "man-in-the-middle" attack. If they match, continue to the next step.
  7. Choose Yes. A window opens and you are connected to your instance.
    Note
    If you specified a passphrase when you converted your private key to PuTTY's format, you must provide that passphrase when you log in to the instance.

Connecting to Your Linux Instance Using SSH

After you launch your instance, you can connect to it and use it the way that you'd use a computer sitting in front of you.

Note

After you launch an instance, it can take a few minutes for the instance to be ready so that you can connect to it. Check that your instance has passed its status checks - you can view this information in the Status Checks column on the Instances page.

The following instructions explain how to connect to your instance using an SSH client. If you receive an error while attempting to connect to your instance, see Troubleshooting Connecting to Your Instance.

Prerequisites

Before you connect to your Linux instance, complete the following prerequisites:
  • Install an SSH client
    Your Linux computer most likely includes an SSH client by default. You can check for an SSH client by typing ssh at the command line. If your computer doesn't recognize the command, the OpenSSH project provides a free implementation of the full suite of SSH tools. For more information, see http://www.openssh.com.
  • Install the AWS CLI Tools
    (Optional) If you're using a public AMI from a third party, you can use the command line tools to verify the fingerprint. For more information about installing the AWS CLI, see Getting Set Up in the AWS Command Line Interface User Guide.
  • Get the ID of the instance
    You can get the ID of your instance using the Amazon EC2 console (from the Instance ID column). If you prefer, you can use the describe-instances (AWS CLI) or Get-EC2Instance (AWS Tools for Windows PowerShell) command.
  • Get the public DNS name of the instance
    You can get the public DNS for your instance using the Amazon EC2 console (check the Public DNS (IPv4) column; if this column is hidden, choose the Show/Hide icon and select Public DNS (IPv4)). If you prefer, you can use the describe-instances (AWS CLI) or Get-EC2Instance (AWS Tools for Windows PowerShell) command.
  • (IPv6 only) Get the IPv6 address of the instance
    If you've assigned an IPv6 address to your instance, you can optionally connect to the instance using its IPv6 address instead of a public IPv4 address or public IPv4 DNS hostname. Your local computer must have an IPv6 address and must be configured to use IPv6. You can get the IPv6 address of your instance using the Amazon EC2 console (check the IPv6 IPs field). If you prefer, you can use the describe-instances (AWS CLI) or Get-EC2Instance (AWS Tools for Windows PowerShell) command. For more information about IPv6, see IPv6 Addresses.
  • Locate the private key
    Get the fully qualified path to the location on your computer of the .pem file for the key pair that you specified when you launched the instance.
  • Enable inbound SSH traffic from your IP address to your instance
    Ensure that the security group associated with your instance allows incoming SSH traffic from your IP address. The default security group does not allow incoming SSH traffic by default. For more information, see Authorizing Inbound Traffic for Your Linux Instances.
Purchase Putty 8.7.0 now and have Telnet SSH FTP SCP on your Mac made easy!

No comments: