Connecting to an Ubuntu box on AWS (Amazon Web Services) used to be easier if I remember correctly… But what do I know I’m a developer who primarily works on Windows PCs. I have spun up my fair share of Linux machines to run Eclipse, Apache, Jenkins, Ansible, Puppet and others, but I would not consider myself a Linux Admin by any means. If I’m being honest its been a while since I started from scratch as I typically use an AMI (Amazon Machine Image) that I created and configured ages ago that already has the correct settings. In this post I will walk through the process of provisioning a new AWS Ubuntu Instance and enabling SSH (Secure Shell) with an RSA Key (Rivest, Shamir, and Adleman, the inventors of the technique) on the new instance so that we can SSH using PuTTY on Windows to the new instance.
First we will need an AWS Ubuntu Instance. We create a new Ubuntu Instance in AWS by selecting Launch Instance from the EC2 Instance Menu.
For this example we will use an Ubuntu 22.04 Amazon Machine Image (AMI) on a t2.large Instance Type
Then we will create a new Key Pair for the new server.
Since we will be using PuTTY on Windows we will select .ppk for PuTTY. If you are using a Mac you can select .pem for OpenSSH
Once the Key Pair has been created it will be selected in the list
The .ppk will also be downloaded automatically. Open File Explorer and move the .ppk from the download folder to a lab folder or literally any place other than the download folder.
We’ll need to make sure that SSH is enabled, obviously, and since we may want to install Apache or Jenkins on this box in a later demo lets allow http and https.
Now that we have all of the settings completed we can launch the new instance to do the last couple of steps to enable SSH from inside of the new Ubuntu Instance. Since we will have to be inside the instance to enable SSH we need a way to connect without having SSH enabled already. To connect to the instance without SSH enabled we will use AWS Instance Connect.
Note the User Name and IP Address as these are the same that we will use in PuTTY once SSH has been enabled.
Now that we are connected to the new Ubuntu instance execute the commands below to enable RSA SSH.
Edit the SSH Config to enable SSH with RSA
sudo -i
vi /etc/ssh/sshd_configIn the sshd_config file press i to enter Insert Mode then locate the line that says:
#PubkeyAuthentication yesbeneath that line insert the statement below:
PubkeyAcceptedAlgorithms *To exit Insert Mode and save the file press:
[ESC]
[Shift] + zzThen restart the SSH service with the code below:
service ssh restartNow you can go to PuTTY
and enter the IP Address and User Name for the instance and associate the .ppk file with the PuTTY Configuration
Once you have selected the Private Key File (.ppk) that we created earlier then you can set the Auto-login username to ubuntu.
At this point we definitely want to save the PuTTY configuration so that we don’t have to worry about these setting for future connections to this instance.
Now we should be able to open an SSH connection to the instance with no issues.
Since this is the first time that we are connected we will get a PuTTY Security Alert that this key is not in the cache. Click Yes to add the key to the cache and connect to the new instance.
We have now successfully connected to the new AWS Ubuntu Instance using SSH in PuTTY on Windows. There are a couple more things we will need to do to get multiple instances to communicate via SSH if we want to manage those nodes with Ansible for example. We will look into creating keys inside of Ubuntu for use in SSH with an Ansible example in the next post.
You can use this public AWS Amazon Machine Image ami-07013dd48140efd73 in the N. California (us-west-1) Region of AWS that already has the changes in this post done as well as an RSA key installed to allow SSH between servers when this AMI is used to create multiple instances.
You can do a quick ansible install using the commands bellow to begin configuring the new servers and installing software
sudo apt update && sudo apt upgrade
sudo apt install ansible
sudo apt upgrade ansible