Loading

Friday, July 31, 2009

Connecting to AWS EC2 (Linux) Instance With PuTTY via SSH

In order to connect to an Amazon Web Services EC2 Linux instance using PuTTY over SSH you must generate a PPK file from your private key, then import the PPK to PuTTY.  PuTTY does not natively support the private key format generated by Amazon EC2, therefore PuttyGen must be used to convert keys to its internal format.

First, associate the private key (<keyname>.PEM) with the instance to which you want to connect using PuTTYgen.  Click on the Load button and browse to the location of your private key (you will probably have to change the file type to All Files (*.*)).  If all goes well you will see the message "Successfully imported foreign key. . ."










Click OK, then click Save Private Key.



Click Yes when PuTTYgen prompts you about saving the key without a passphrase.









Save the key as <keyname>.ppk.

Next launch Putty to open an SSH session and tell Putty to use that PPK file -- NOT the PEM file! Expand connection, SSH, and select Auth. Click the browse button next to the Private key file for authentication: field, and select the .PPK file you just created with Puttygen.



Under category on the left go back to Session and Save the session.  Then click Open to connect.



Possible error messages with incorrect credentials.
* Putty failed: "Disconnected: No supported authentication methods available"
* Server refused our key

Keywords:


aws ssh instance
connecting to aws instance with putty
ec2 putty
how do you use putty with aws instance
access aws using putty
aws key file putty puttygen
aws putty
aws putty ppk pem
aws puttygen
connect to aws instance with putty

37 comments:

  1. I followed your instructions and failed to connect to my instance. Later I learnt that once I import the keypair to PuttyGen, I should not click on generate, but just select the menu option "File -> Save Private Key". And use this saved private key (ppk) file in putty.

    ReplyDelete
  2. ^You're a savior.

    I was hitting generate.

    ReplyDelete
  3. Nice post. Indeed helpful for those whoa are new to EC2, and how to connect Linux instances.

    Thanks
    Santhosh

    ReplyDelete
  4. I have a doubt here. Can we access the GUI mode of Linux backtrack instance which is placed in Amazon. It seems BT-4 AMI images are there in Amazon AMI library. Can i use ultra VNC to get the Linux desktop. Any luck ?

    Thanks
    Santhosh.c@nocme.com

    ReplyDelete
  5. Santhosh,

    I haven't tried but I'm sure you can access the GUI with VNC. Just make sure port 5900 (or other if necessary) is open using the Amazon Security Groups.

    ReplyDelete
  6. I'm actually crying a little bit. Tears of joy though. Thank you and people like you.

    ReplyDelete
  7. I get a log on with an ecs2 user other than root.. any ideas?

    ReplyDelete
  8. @John Walp & @Rambilly
    You login is ec2-user .
    It not your user name or something cryptic.
    Just instead of using root, type ec2-user
    I had same issue until I tried that thinking, "can't be as simple as that!?" Doh!

    ReplyDelete
  9. why nothing to say about how to solve the errors

    ReplyDelete
  10. followed your instructions to a t;
    but still no matter what i try, "Server refused our key"

    ReplyDelete
  11. Keep in mind also that in many cases the Linux AMI's do NOT install X or a desktop (KDE/Gnome). A typical LAMP (Linux, Apache, MySQL, and PHP) stack environment will not need a Desktop. You can certainly install them, but its just additional overhead that should be removed prior to application deployment and snaping.

    ReplyDelete
  12. Thanks! Worked like a charm.

    ReplyDelete
  13. Thanks. Definitely helpful post.

    ReplyDelete
  14. I just get a DOS window which I can't type anything into and then it times out! How do I get a command line?

    ReplyDelete
  15. Thanks! - This post is really clear and concise.

    And a real help if you're fed up with cygwin :)

    ReplyDelete
  16. I am also getting the DOS window and then it is saying "Network Error: Connection timed out". What to do? Please help.

    ReplyDelete
  17. OK.. newbie stupidity...
    Make sure you are trying to log into the right instance. In the ElasticFox interface under Instances there are two lines. I was using the 1st line which is the EBS not the instance. This won't work. You use the address of the instance line in putty. Grrrr

    ReplyDelete
  18. HI
    I have followed your post but I am still getting

    Server refused our key


    What does that mean?
    I found some link but it did not help me

    ReplyDelete
  19. I was able to connect after following this post. Thanks much!

    ReplyDelete
  20. If you getting "Server refused our key" message, make sure your login id is ec2-user

    ReplyDelete
  21. okay one way I had to solve the problem is by right clicking the original PEM file and going to properties. I'm in windows 7 and the file was "blocked" for some reason. I had to "unblock" it before puttygen.exe would "successfully" load the key. prior to this puttygen would open the file and I would save as private key but since it failed to "successfully" do this before I feel this was the cause of the problem. then I converted it. I also had to log in with "ubuntu" instead of root of ec2-user which it did prompt me to do.

    ReplyDelete
  22. I converted the key with puttygen and used "ec2-user" and I am in!!!

    ReplyDelete
  23. One more thing would make this post a complete guide... How to get (or make) your ppk file from Amazon. Now I have to find another guide on that ;) Thanks OP!!

    ReplyDelete
  24. thanks Anonymous, I somehow missed or didn't receive the "login with ubuntu" for my ubuntu instance. I had terminated an amazon basic ami instance, in favor of moving to ubuntu; was still trying to connect with ec2-user and couldn't determine the problem. changing to user name "ubuntu" was it

    ReplyDelete
  25. I'm one of those suffering from the "Server refused our key" problem. I have the added knowledge that the same PEM key I have converted was previously used and worked when logging in from a MacBook AIR (so I know the PEM key is correct and valid).

    I've tried unbuntu, ec2-user, root, as well as various (somewhat desperate) variants on the keygen process with puttygen.exec, but no luck. I'm on a 64bit Windows7 device (and on my 3rd day of trying to get this workin!)

    Any other clues out there?

    ReplyDelete
  26. Did you ever resolve your issue? I have the same situation.

    ReplyDelete
  27. I have the "Server refused our key" issue when I use an ubuntu instance. After changing to an AWS instance, it works.

    ReplyDelete
  28. Change to another ubuntu instance and the process by host works

    ReplyDelete
  29. Also there is a tool that lets you SSH to your EC2 instances more quickly (still using putty) https://github.com/poma/AwsSsh

    ReplyDelete