代码改变世界

ssh登录亚马逊aws

2012-04-05 02:57  游乐场123  阅读(1166)  评论(0编辑  收藏  举报

Connect to Your Linux/UNIX Instance

Connect to your Linux/UNIX instance

Topics

Connecting from a Linux/UNIX Machine

Use the ssh command to connect to your Linux/UNIX instance from a Linux/UNIX machine.

[Note] Note

Most Linux and UNIX machines include an SSH client by default. If yours doesn't, the OpenSSH project provides a free implementation of the full suite of SSH tools. For more information, go to http://www.openssh.org.

To use SSH to connect

  1. In a command line shell, change directories to the location of the private key file that you created when you launched the instance.

  2. Use the chmod command to make sure your private key file isn't publicly viewable. For example, if your file were GSG_Keypair.pem, you would enter:

    chmod 400 GSG_Keypair.pem

  3. Connect to your instance using the instance's public DNS name (which you should have recorded earlier). For example, if the key file is GSG_Keypair.pem and the instance's DNS name is ec2-184-72-204-112.compute-1.amazonaws.com, use the following command.

    ssh -i GSG_Keypair.pem ec2-user@ec2-184-72-204-112.compute-1.amazonaws.com
    [Tip] Tip

    The AMI we launched in this exercise requires you to log in to your instance as ec2-user. Some AMIs let you log in as root.

    You'll see a response like the following.

    The authenticity of host 'ec2-184-72-204-112.compute-1.amazonaws.com (10.254.142.33)'
can't be established.
RSA key fingerprint is fc:8d:0c:eb:0e:a6:4a:6a:61:50:00:c4:d2:51:78:66.
Are you sure you want to continue connecting (yes/no)? yes

  4. Enter yes.

    You'll see a response like the following.

    Warning: Permanently added 'ec2-184-72-204-112.compute-1.amazonaws.com' (RSA) 
to the list of known hosts.

You're now logged in as ec2-user and can work with the instance like you would any normal server. If you need to run a command as root, you must prefix the command with sudo. For example:

sudo /bin/cat /etc/image-id

Normally you'd continue using the instance. However, for the purposes of this tutorial, we're going to show you how to terminate the instance immediately. Click the following button.

Terminate instance

Connecting from a Windows Machine

To connect to your Linux/UNIX instance from a Windows machine, you use an SSH client. The following instructions assume that you're using PuTTY, a free SSH client for Windows machines.

Getting PuTTY

To download and install PuTTY

[Note] Note

Other tools in the PuTTY suite are PuTTYgen, a key generation program, and pscp, a secure copy command line tool. The different PuTTY tools are separate applications. You can install them separately or install the entire suite with a simple Windows installer. The following instructions assume you've installed the entire suite and can access all the components from the Windows Start menu.

Converting Your Private Key

PuTTY does not natively support the private key format generated by Amazon EC2. Fortunately, PuTTY has a tool called PuTTYgen, which can convert keys to the required PuTTY format.

To convert your private key

  1. Start PuTTYgen (e.g., from the Start menu, click All Programs > PuTTY > PuTTYgen).

  2. Click Load and browse to the location of the private key file that you want to convert (e.g., GSG_Keypair.pem). By default, PuTTYgen displays only files with extension.ppk; you'll need to change that to display files of all types in order to see your .pem key file. The private key file must end with a newline character or PuTTYgen cannot load it correctly.

  3. Select your .pem key file and click Open.

    PuTTYgen displays the following message.

    When you click OK, PuTTYgen displays a dialog box with information about the key you loaded, such as the public key and the fingerprint. The keys that Amazon EC2 generates are 1024-bit SSH-2 RSA keys.

  4. Click Save private key to save the key in PuTTY's format.

    PuTTYgen asks if you want to save the key without a passphrase.

  5. Click Yes.

    [Note] Note

    A passphrase on a private key is an extra layer of protection, so even if your private key is discovered, it will not be usable without the passphrase. The downside to using a passphrase is that it makes automation harder because human intervention is needed to log on to an instance, or copy files to an instance. For this exercise, we're not using a passphrase.

  6. Name the key with the same name you used for the key pair (e.g., GSG_Keypair). PuTTY automatically adds the .ppk file extension.

Your private key is now in the correct format for use with PuTTY. You can now connect to your instance using PuTTY's SSH client.

Connecting Using PuTTY SSH

You'll connect by starting a PuTTY SSH session.

To use SSH to connect

  1. Start PuTTY (e.g., from the Start menu, click All Programs > PuTTY > PuTTY).

    A dialog box opens with a Category menu on the left side. On the right side, the basic options for your PuTTY session are displayed.

  2. In the Host Name field, enter the public DNS name of your instance (which you should have recorded earlier). You can optionally prefix the DNS name with ec2-user@to automatically log in as ec2-user when the session opens.

  3. In the Category menu, under Connection, click SSH, and then Auth.

    The options controlling SSH authentication are displayed.

  4. Click Browse and navigate to the PuTTY private key file you generated in the preceding section.

  5. Click Open.

    An SSH session window opens and PuTTY displays a security alert asking if you trust the host you're connecting to.

  6. Click Yes.

  7. In the SSH session window, log in as ec2-user if you didn't as part of starting the SSH session.

    [Tip] Tip

    The AMI we launched in this exercise requires you to log in to your instance as ec2-user. Some AMIs let you log in as root.
    [Note] Note

    If you specified a passphrase when you converted your private key to PuTTY's format, you must provide that passphrase when you log in to the instance.

You're now logged in as ec2-user and can work with the instance like you would any normal server. If you need to run a command as root, you must prefix the command with sudo. For example:

sudo /bin/cat /etc/image-id

Normally you'd continue using the instance. However, for the purposes of this guide, we're going to show you how to terminate the instance immediately. Click the following button.