How to connect to my instance
In previous post we launch our virtual machine so now is the time to log in via SSH. In this part we attach Elastic IP which will be our public IP address and we connect to our instance using previously downloaded private key.
How to attach Elastic IP
You can attach one public IP to any single instance without additional costs. This IP will be linked with our AWS account so we can easily attach and detach it from one instance to another as we need. One virtual machine can also have more than one public IP address if we need this kind of configuration for some reason. This address is reserved for us as long as we won’t release it. Theoretically our instance have public address attached in time of launching but it’s randomly picked so when we stop our machine it will be released and new address will be attached on resume.
In our case we want that our address will persist forever and ever and if we need to scale up in the future we probably want to have possibility of transfer this IP address to another machine. Fortunately this process is very easy. 🙂
Let’s find Elastic IPs tab in our EC2 dashboard. There we will click Allocate New Address and confirm.
Next let’s right click on IP and choose action Associate Address. We can do the same thing from Actions dropdown. Click on input called Instance should revealed list of our instances where we can choose that we are recently created. We can also filter this list by instance ID or Name tag. Select your instance and then click Associate button.
If you check your list of instances you should see that this new address was really attached to your machine.
Connect through SSH
Linux / Mac
If you work on Linux or Mac, just add downloaded private key to your .ssh directory i home directory:
mv /path/to/your/key.pem ~/.ssh
If you doesn’t have this folder, create it:
Private key should have very restrictive settings of permissions. Let’s set 400 then (available only for reading, only for file owner).
chmod 400 ~/.ssh/your_key.pem
Now you should be able to connect to your instance. Default user name for Ubuntu is… ubuntu. My private key are in test1-keys.pem file in .ssh directory and IP address of my instance is 220.127.116.11, so i type following command:
ssh -i ~/.ssh/test1-keys.pem email@example.com
I wrote down key fingerprint from server logs so now I can verify if I’m really connecting to my instance. If yes I can confirm that I want to connect. From now on my computer “knows” my virtual machine so I won’t need to check this fingerprint for every connection. If everything was fine you just logged in to your instance. Congratulations! 🙂
If you’re working on Windows, you’ll need to use additional tools. First of all Windows don’t support SSH natively (probably something will change about this in near future as we can read here). I use and recommend PuTTY as SSH client for Windows. Additionally we can’t use private key as it is, we need to convert it to format which can be read by PuTTY. We can do this with tool called PuTTYgen, which we can download here.
Let’s open PuTTYgen and load our private key. Next we click on Save private key button. We’ll be asked if we really want to save our private key without password protection. There are different opinions on this subject. Here you can read interesting discussion about it. Everyone should take this decision himself. One thing I want to tell is that if your key is not password protected, anyone who can read your key file, can access your instance also. I’m not creating password for sake of this tutorial.
Where to save the new key file? I’ll follow the “Linux” way and create .ssh folder in my user directory, but you can place it anywhere you want. However it’s important to remember that if you are not the only user of this computer you should place it in directory not accessible by other users.
So last thing is to use PuTTY to log in on our machine. User name in Ubuntu is by deafult ubuntu nad IP address of my instance is 18.104.22.168. In Host Name I should type firstname.lastname@example.org and in SSH -> Auth tab I need to select private key file.
Now it is worth to save this settings so i won’t need to retype them in future.
When you click Open button security alert pop-up should appear with information that this server is not known. If you wrote down key fingerprints you can verify if they’re match. If yes confirm that you want to connect and you should be in. Next time this verification will not be required.
So we have established SSH connection to our EC2 instance. We are step closer to run WordPress. In next part we will talk a little bit about configuration of our server in terms of security.