Connecting to an Instance using SSH

Lab Steps

Logging in to the Amazon Web Services Console
Creating an EC2 Instance
Converting a PEM Key to a PPK Key (Windows Users Only)
Connecting to an Instance using SSH
Getting the EC2 Instance Metadata
Terminating an EC2 Instance
Need help? Contact our support team

Here you can find the instructions for this specific Lab Step.

If you are ready for a real environment experience please start the Lab. Keep in mind that you'll need to start from the first step.


In order to manage a remote Linux server, you must employ an SSH client. Secure Shell (SSH) is a cryptographic network protocol for securing data communication. It establishes a secure channel over an insecure network. Common applications include remote command-line login and remote command execution.

Linux distributions and macOS ship with a functional SSH client that accepts standard PEM keys. Windows does not ship with an SSH client. Therefore, this Lab Step includes instructions for users running Linux/macOS and Windows on their local host. Only one of them is required depending on your local operating system.


Instructions (Linux / macOS Users)

1. Open your Terminal application


2. Run the following ssh command: 

Copy code
ssh -i /path/to/your/keypair.pem user@server-ip
  • server-ip is the Public IP of your server, found on the Description tab of the running instance in the EC2 Console
  • user is the remote system user (ec2-user for Amazon Linux) that will be used for the remote authentication. In this Lab, you must use ec2-user.

Note that the Amazon Linux AMIs typically use ec2-user as a username. Other popular Linux distributions use the following user names:

  • Debian: admin
  • RedHat: ec2-user
  • Ubuntu: ubuntu

Assuming that you selected the Amazon Linux AMI, your assigned public IP is, and your keypair (named "keypair.pem") is stored in /home/youruser/keypair.pem, the example command to run is: 

ssh -i /home/youruser/keypair.pem ec2-user@

Note: You can find the Public IP under the AWS EC2 console, and choosing the available EC2 instance.

Important! Your SSH client may refuse to start the connection, warning that the key file is unprotected. You should deny the file access to any other system users by changing its permissions. From the directory where the public key is stored on your local machine, issue the following command and then try again:

Copy code
chmod 400  /home/youruser/keypair.pem

The change mode (chmod) command shown above will change the permissions on your private key file so only you can read and write (modify) it. No other users on the system can modify it, or even read it.


Tip: The Instances page provides a helpful shortcut for connecting to a Linux instance. Select the running instance and click the Connect button. It will formulate an example ssh command for you, including the required key name and public IP address. However, it is still useful to learn the basics of manually using the ssh command.


Instructions (Windows Users)

Windows has no SSH client, so you must install one. This part of the Lab Step will use PuTTY (freely available here on their website) and a previously converted PEM key (converted to PPK using PuTTYgen).


1. Open PuTTY and insert the EC2 instance public IP Address in the Host Name field:

PuTTY: Insert Instance IP

Note: You can find the Public IP under the AWS EC2 console, and choosing the available EC2 instance.


2. Navigate to Connection > SSH > Auth in the left pane and then select the downloaded private key in PPK format:


After a few seconds, you will see the authentication form.

Note: The checked boxed in the red highlight needs to be checked.


3. Login as ec2-user and you will see the EC2 server welcome banner and be placed in the Linux shell: