Connecting to Your Linux Instance from Windows Using PuTTY

1.    To generate an RSA key pair to work with version 2 of the protocol, type the following command at a shell prompt:

2.  ssh-keygen -t rsa

[pravesh@localhost ~]$ ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/home/pravesh/.ssh/id_rsa): pravesh

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in pravesh.

Your public key has been saved in pravesh.pub.

The key fingerprint is:

ed:5e:fb:5d:87:a2:12:ac:5d:98:1c:59:df:e3:81:1a pravesh@localhost.localdomain

The key's randomart image is:

+--[ RSA 2048]----+

|                 |

|          .      |

|         o . o   |

|        o.E o +  |

|       oS+.o . o |

|        *.o   .. |

|       o o. o . o|

|      . o. o o .o|

|         .o ... .|

+-----------------+

[pravesh@localhost ~]$ ls -la

total 28

-rw-------  1 pravesh pravesh 1743 Apr 29 14:30 pravesh

-rw-r--r--  1 pravesh pravesh  411 Apr 29 14:30 pravesh.pub

[pravesh@localhost ~]$ pwd

Accept the default file location of ~/.ssh/id_rsa. Enter a passphrase different from your account password and confirm it by entering it again.

The public key is written to /home/pravesh/pravesh.pub. The private key is written to /home/pravesh/pravesh. Never distribute your private key to anyone.

3.    Change the permissions of the .ssh directory using the following command:

4.  chmod 755 ~/.ssh

5.    Copy the contents of /home/pravesh/pravesh.pub into the file ~/.ssh/authorized_keys on the machine to which you want to connect. If the file/home/pravesh/.ssh/authorized_keys exist, append the contents of the file /home/pravesh/.ssh/id_rsa.pubto the file /home/pravesh/.ssh/authorized_keys on the other machine.

6.    cat /home/pravesh/.ssh/pravesh.pub > /home/pravesh/.ssh/authorized_keys

7.    Change the permissions of the authorized_keys file using the following command:

chmod 644 /home/pravesh/.ssh/authorized_keys

Before you connect to your Linux instance using PuTTY, complete the following prerequisites:

·        Install PuTTY

Download and install PuTTY from the PuTTY download page. If you already have an older version of PuTTY installed, we recommend that you download the latest version. Be sure to install the entire suite.

Converting Your Private Key Using PuTTYgen

Putty does not natively support the private key format (.pem) generated by Amazon EC2. PuTTY has a tool named PuTTYgen, which can convert keys to the required Putty format (.ppk). You must convert your private key into this format (.ppk) before attempting to connect to your instance using Putty.

To convert your private key

1. Start PuTTYgen (for example, from the Start menu, click All Programs > PuTTY > PuTTYgen).
2. Under Type of key to generate, select SSH-2 RSA.

3. Click Load. By default, PuTTYgen displays only files with the extension .ppk. To locate your .pem file, select the option to display files of all types.

4.     Select your .pem file for the key pair that you specified when you launch your instance, and then click Open. Click OK to dismiss the confirmation dialog box.

5. Click Save private key to save the key in the format that Putty can use. PuTTYgen displays a warning about saving the key without a passphrase. Click Yes.

Note

A passphrase on a private key is an extra layer of protection, so even if your private key is discovered, it can't be used without the passphrase. The downside to using a passphrase is that it makes automation harder because human intervention is needed to log on to an instance, or copy files to an instance.

6. Specify the same name for the key that you used for the key pair (for example, my-key-pair). PuTTY automatically adds the .ppk file extension.

Your private key is now in the correct format for use with PuTTY. You can now connect to your instance using PuTTY's SSH client.

To start a PuTTY session

1. Start PuTTY (from the Start menu, click All Programs > PuTTY > PuTTY).
2. In the Category pane, select Session and complete the following fields:
1. In the Host Name box, enter user_name@public_dns_name. Be sure to specify the appropriate user name for your AMI. For example:
• For an Amazon Linux AMI, the user name is ec2-user.
• For a RHEL5 AMI, the user name is either root or ec2-user.
• For an Ubuntu AMI, the user name is ubuntu.
• For a Fedora AMI, the user name is either fedora or ec2-user.
• For SUSE Linux, the user name is either root or ec2-user.
• Otherwise, if ec2-user and root don't work, check with the AMI provider.
2. Under Connection type, select SSH.
3. Ensure that Port is 22.

In the Category pane, expand Connection, expand SSH, and then select Auth. Complete the following:

1. Click Browse.
2. Select the .ppk file that you generated for your key pair, and then click Open.
3. (Optional) If you plan to start this session again later, you can save the session information for future use. Select Session in the Category tree, enter a name for the session in Saved Sessions, and then click Save.
4. Click Open to start the PuTTY session.

1. If this is the first time you have connected to this instance, Putty displays a security alert dialog box that asks whether you trust the host you are connecting to.
2. (Optional) Verify that the fingerprint in the security alert matches the fingerprint that you obtained in step 1. If these fingerprints don't match, someone might be attempting a "man-in-the-middle" attack. If they match, continue to the next step.
3. Click Yes. A window opens and you are connected to your instance.