In this blog, we'll walk through the process of launching an Amazon Elastic Compute Cloud (EC2) instance and securely connecting to it using SSH.
Let's get started.
Overview
In this setup, we will launch an EC2 instance on AWS. Then, using our local terminal, we will establish an SSH connection to that EC2 instance.
Task 1: Launching an EC2 instance
In the Services menu, search for EC2 and click on it.
Now, click on the yellow Launch instance button.
Provide a suitable name for your EC2 instance and choose Ubuntu as the AMI.
AMI: An AMI (Amazon Machine Image) is a template for launching virtual servers in the cloud, containing the operating system, software, and settings.
We're utilizing the free tier instance provided by AWS.
Now, time to create a key pair.
Key pairs are a fundamental security element for accessing EC2 instances in AWS. They utilize public-key cryptography to ensure secure logins.
When we launch an EC2 instance, we can select an existing key pair or create a new one. The public key is stored on the instance, while we securely store the private key on our local machine.
To connect to the instance, we use an SSH client and the private key to authenticate ourselves.
I've downloaded the private key file to my device.
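Our current configuration allows SSH access to our instance from any location on the internet. Outside of a short-lived lab like this one, restrict the SSH source in the security group to your own IP address.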
Leave all other configurations as default. On the right panel, we can see the Summary section with our EC2 specifications.
Click on Launch instance.
Click on the instance ID.
We can see we have successfully launched our EC2 instance.
Click on the instance ID to see various details of our EC2 instance.
Task 2: Accessing EC2 with SSH
SSH (Secure Shell) is the secure way to connect to and manage our EC2 instances. It provides encrypted communication between our local machine and the instance, protecting our login credentials and commands.
Prerequisites:
Running EC2 Instance: A launched EC2 instance with SSH enabled.
SSH Client: An SSH client installed on our local machine. Common options include terminal (Linux/macOS) or tools like PuTTY (Windows).
Key Pair: Ensure you have a key pair created and downloaded securely. The public key should be associated with your instance.
As we have done all the prerequisites, it's time to get the work done.
Head over to your instance details and click on Connect.
Alright, now we have to follow the given instructions.
But before we continue, let's learn about the file permissions first.
Binary Representation | Octal Digit | Permission | Symbolic Representation |
000 | 0 | No Permission | --- |
001 | 1 | Execute | --x |
010 | 2 | Write | -w- |
011 | 3 | Write + Execute | -wx |
100 | 4 | Read | r-- |
101 | 5 | Read + Execute | r-x |
110 | 6 | Read + Write | rw- |
111 | 7 | Read + Write + Execute | rwx |
chmod uses octal numbers (base-8) to define permissions for three levels: owner, group, and others. Each level gets one octal digit, and each level can be granted read, write, and execute access. For example, a digit of 7 (111 in binary) grants read, write, and execute permission to the level it applies to.
Say a file has the value 777: that represents full access. All three levels (owner, group, and others) have permission to read, write, and execute the file.
Alright, back to our demo.
I'm in my desktop terminal, and we can see the permissions of our key file here.
ls -l
Owner: read/write permission
Group: read/write permission
Others: read permission
chmod is a command used in Unix-based operating systems to change the permissions of files and directories.
Copy the chmod command from the connection instructions and paste it into your terminal.
Now, we see the permissions have been changed.
Only the owner has read permission now.
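Why this permission change matters, as an added example that is not from the original post: the OpenSSH client refuses to use a private key that group or others can access, so this script decodes an octal mode with the table above and checks a key file before connecting. The function names are hypothetical, and 400 as the mode after chmod is an assumption based on only the owner keeping read permission.

```shell
#!/bin/sh
# Added example: decode octal modes with the table above and check whether a
# private key file is restrictive enough for the OpenSSH client.

# One octal digit -> one row of the table, e.g. 6 -> rw-
digit_to_rwx() {
    d=$1; r=-; w=-; x=-
    if [ $((d & 4)) -ne 0 ]; then r=r; fi
    if [ $((d & 2)) -ne 0 ]; then w=w; fi
    if [ $((d & 1)) -ne 0 ]; then x=x; fi
    printf '%s%s%s' "$r" "$w" "$x"
}

# Three octal digits (owner, group, others) -> symbolic form, e.g. 664 -> rw-rw-r--
mode_to_symbolic() {
    case $1 in
        [0-7][0-7][0-7]) ;;
        *) echo "expected three octal digits, got: $1" >&2; return 2 ;;
    esac
    ow=${1%??}; gr=${1#?}; gr=${gr%?}; ot=${1#??}
    printf '%s%s%s\n' "$(digit_to_rwx "$ow")" "$(digit_to_rwx "$gr")" "$(digit_to_rwx "$ot")"
}

# Permission bits of a file as three octal digits (GNU stat, then BSD/macOS stat).
file_mode() {
    m=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null) || return 1
    while [ "${#m}" -lt 3 ]; do m="0$m"; done
    while [ "${#m}" -gt 3 ]; do m=${m#?}; done   # drop setuid/setgid/sticky digit
    printf '%s\n' "$m"
}

# Success (0) only if group and others have no permissions at all; the OpenSSH
# client refuses to use a private key that anyone but its owner can access.
key_mode_ok() {
    km=$(file_mode "$1") || return 2
    case $km in
        ?00) return 0 ;;
        *)   return 1 ;;
    esac
}

# Demo on a constructed, empty stand-in for myKey.pem (not a real key).
demo_key=$(mktemp)
for perm in 664 400; do   # 664 = permissions before chmod; 400 = assumed after
    chmod "$perm" "$demo_key"
    if key_mode_ok "$demo_key"; then verdict="ssh will use it"; else verdict="too open for ssh"; fi
    printf '%s  %s  %s\n' "$perm" "$(mode_to_symbolic "$perm")" "$verdict"
done
rm -f "$demo_key"
```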
Let's continue.
Copy the ssh command from the connection instructions and paste it into your terminal.
Let's break down the command.
ssh: This is the command itself, which stands for Secure Shell. It's used to initiate a secure connection to a remote server.
-i "myKey.pem": This option specifies the identity file to be used for authentication. In this case, it's "myKey.pem" which is my private key file. The quotes around the filename are necessary if there are spaces in the path. Also, if you have your private key file in a different directory than your current working directory, you have to specify the full path.
ubuntu: This specifies the username required to log in to the remote server. Here, the username is "ubuntu" (default).
ec2-13-238-254-242.ap-southeast-2.compute.amazonaws.com: This is the hostname or IP address of the remote server we're trying to connect to.
Alright, now hit Enter.
Type yes when prompted to confirm the host key.
And finally, we have logged in to our EC2 instance.
Task 3: Clean Up
Select your instance, then select Terminate instance from the Instance state panel.
Click on Terminate.
This concludes our lab.
Conclusion
In this lab, we created an EC2 instance and then connected securely via SSH.
See you in the next one.