SSH is the predominant remote management tool for administering Linux systems from Windows workstations for many years.
The SSH protocol is not well natively supported by Windows workstation. Consequently you need to make use of a utility to access it. PuTTY is a tool that has been used for many years to this purpose. There are others and we will mention them below.
For beginners the best place to start is the AWS EC2 Instance Connect utility which can be used from the AWS Console. This bypasses the need for other tools, but on the down side you don't get to learn how to do it the hard way unless you want to ;-).
There are lectures on the A Cloud Guru site plus on Udemy and YouTube on how to set this up. Your 1st stop is to watch those (again). The PuTTy tool can be used in various ways and is very efficient when you become familiar with it. Start with a simple setting that works, but then do experiment with different fonts, colours and template or default setting. My personal preference is to have a template session which has my preferred presentation and behaviours and then add the IP address when I invoke it.
When converting the key with PuTTy choose the RSA option as this is the current industry standard. When converting the key you may be asked for a PassPhrase. This is not essential. However if you create one store it is a secure password vault as it could be used to access systems if it were stolen.
Generally problems connecting with PuTTy stem from an issue with:
- the .ppk key, (did you convert it and did you use the right format)
- the IP address of the target, (this needs to be Public IP address if you are connecting from you workstation)
- the wrong user name. (for Amazon Linux AMIs use ec2-user. For non AWS AMIs refer to the AMI documentation )
- While not a PuTTy issue. If you think the set up is correct and you get a time out. That is normally caused by a network issue, which is most often down to an incorrectly set Security Group. which does not allow the traffic in, or back out of your VPC.
During lessons you will see instructors use the format
ssh ec2-user@##.##.##.## -i xxx.pem
This is the Linux format and is not the format you should use with PuTTy.
With PuTTy the format is
ec2-user@##.##.##.## Watch closely in the PuTTy lecture.
An alternate for is to only provide the IP address ##.##.##.## If you do this the EC2 instance will ask you for the username when you connect. Once you have it working, play with it a bit. It will make more sense once you get it working and can experiment with other forms and tools.
AWS also provide information on the use of PuTTy, and other products which you might find useful.
As noted above there are alternatives to PuTTy. In most cases they avoid the complication of converting the .pem key to a .ppk . AWS propose a couple on their documentation, plus here are some others.
- Some have recommended the Chrome SSH extension.
- If you already use Git, my favourite is the 'Git for Windows' Git BASH linux emulation that allows you to access the directories and files on your workstation as if they were a linux disk. This is not a full emulation, but is workable for basic interaction, and allows your learning workstation to look very similar to what the instructor is showing.
- If you are working intensively in AWS look at using AWS Session Manager. It offers both centralized access and a more secure connection to internal system without a Bastion host/jump box.
- If you use Windows 10 you can use the ssh utility in the BASH emulator. AWS has provided a nice document on how to use the built in Windows 10 Linux service. For Windows 7 you may need to install the tool set from the OpenSSH tool suite.
When working with a Linux shell or emulation you might see an error
`WARNING: UNPROTECTED PRIVATE KEY FILE!`
This is is similar to the Linux warning and indicates that the permission on the Key file are too open. The simple thing to do is copy the Key files in a folder in your User documents folder. Or use the GUI to change the file 'Owner' to yourself, give yourself 'Full Control', and remove all others for the permissions.
If none of this assists you, then please do ask for guidance on the A Cloud Guru Community Forums where senior students and alumni will give you guidance, or contact us by submitting a form through our help page https://help.acloud.guru/hc/en-us and we will do our best to help you.
also check out :