Amazon EC2: Remote Access - eliminmax/cncs-journal GitHub Wiki

Amazon EC2: Access Machines Remotely

Accessing a Linux Instance via SSH

This one is simple, assuming that you have the identity file saved to your hard drive.

Run $/> ssh <username>@<ec2host> -i <path/to/identityfile.pem>

Adding EC2 instances to SSH config

Method 1 (not recommended, Linux only):

To avoid needing to specify the identity file every time, assuming that you only use one identity file for all EC2 insrances, you can use my hacked-together script found here.

Why use this script? There are a few intersecting problems at play that prevent this from being a straightforward process: Amazon EC2 instances do not have static IP addresses, and every time they stop and start again, they have a new IP address any of several hundred different IP ranges, so adding a Host to your SSH config doesn't work. OpenSSH does not play nice with CIDR notation in its config files, so I adapted this techinque for using Match in SSH config files to use a list of addresses. Getting the list requires parsing a JSON file provided by Amazon, filtering out the non-EC2 IP ranges, and removing any excess data, and saving the result to a file. The script just does that automatically, rather than making you deal with it yourself.
Why not use this script? It is a fragile mess that I hacked together without a clear understanding of what I was doing, and there are much, much better solutions, like the next one listed.

  1. Install jq and grepcidr

    on Debian/Ubuntu systems, run # apt install jq grepcidr -y

  2. Download the script: $ wget https://raw.githubusercontent.com/eliminmax/cl-net-utils/main/ec2-ssh-config.sh

  3. Mark it as executable with $ chmod u+x ec2-ssh-config.ssh

  4. Run the script with $ ./ec2-ssh-config.ssh, and enter the path to the identity file.

Method 2 (recommended):

  1. Set up Dynamic DNS with DuckDNS (see Networking: Infrastructure: Dynamic DNS)

  2. Edit or create user-specific ssh config (located at '~/.ssh/config' on Linux, and '%userprofile%.ssh.\config on Windows), adding the following:

Host shortname
	Hostname example.duckdns.org
	IdentityFile path/to/identityfile

Accessing a Windows Server instance with RDP

Ensure that the EC2 firewall is configured to allow Inbound RDP traffic.

How to find the default password for your instance

On Windows:

Use Remote Desktop Connection. Enter the IP address, and when it asks for your credentials, enter them.

On Linux:

I'd recommend Remmina, with the Remmina RDP plugin. From the Remmina Remote Desktop Client Window, choose RDP in the drop-down, and enter the IP address. Enter the credentials when prompted.

⚠️ **GitHub.com Fallback** ⚠️