Connecting to AWS instance using SSH
Day 5 of my series of #100daysofaws
As a network administrator, I know all too well the challenges of managing multiple systems spread across diverse locations.
In this blog post, I want to take you on a journey into the realm of SSH and share my experiences with this incredible tool. I’ll explain what SSH is, why it’s essential for network admins, and how it has transformed the way I work. So buckle up and get ready to dive into the world of secure connectivity!
What is SSH?
SSH, or Secure Shell, is a network protocol that provides a secure way to access a remote computer. It encrypts all traffic between the client and server, so that passwords, data, and commands are protected from prying eyes. SSH is widely used by system administrators to manage remote servers, but it can also be used by regular users to access files and applications on remote machines.
Various ways of authentication
There are several different ways to authenticate with SSH. The most common method is to use a username and password. However, SSH also supports other methods of authentication, such as public key authentication.
- Username and password authentication: This is the most common method of authentication. To use it, you will need to know the username and password for the remote account.
- Public key authentication: This method uses a pair of public and private keys to authenticate users. The public key is stored on the remote server, and the private key is stored on the client machine. When you connect to the remote server, you will be prompted to enter your private key passphrase.
How SSH is secured
SSH uses a variety of security features to protect your data. These features include:
- Encryption: All traffic between the client and server is encrypted using strong encryption algorithms.
- Authentication: Users must authenticate with a username and password or a public key before they can access the remote server.
- Integrity verification: SSH verifies the integrity of all data that is transmitted between the client and server.
- Logging: SSH logs all connections and activity, which can be used to track down security breaches.
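To show how those logs help when tracking down suspicious activity, here is an added example (not part of the original post) that summarises failed and accepted logins per source address. It assumes the OpenSSH sshd syslog line format; the log lines are constructed samples and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample lines in the OpenSSH sshd syslog format (not real data).
sample_auth_log() {
cat <<'EOF'
Jan 10 10:01:02 ip-10-0-0-5 sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 51234 ssh2
Jan 10 10:01:05 ip-10-0-0-5 sshd[1201]: Failed password for root from 203.0.113.7 port 51236 ssh2
Jan 10 10:01:09 ip-10-0-0-5 sshd[1203]: Failed password for root from 203.0.113.7 port 51240 ssh2
Jan 10 10:02:11 ip-10-0-0-5 sshd[1210]: Accepted publickey for ec2-user from 198.51.100.20 port 40022 ssh2: ED25519 SHA256:CONSTRUCTED-FINGERPRINT
Jan 10 10:03:40 ip-10-0-0-5 sshd[1215]: Failed password for ec2-user from 192.0.2.44 port 60100 ssh2
Jan 10 10:04:02 ip-10-0-0-5 sshd[1219]: Accepted password for ec2-user from 192.0.2.44 port 60102 ssh2
EOF
}

# Summarise sshd events read from stdin, sorted:
#   ACCEPTED <method> <user> <source-ip>   one line per successful login
#   FAILED <count> <source-ip>             one line per source with failed logins
summarize_ssh_auth() {
  awk '
    / sshd\[[0-9]+\]: / {
      # Use the LAST "from" token: the user name is remote input and may contain "from".
      ip = ""
      for (i = 1; i < NF; i++) if ($i == "from") ip = $(i + 1)
      if (ip == "") next
      if ($0 ~ /: Failed password for /) failed[ip]++
      else if ($0 ~ /: Accepted [^ ]+ for /) {
        for (i = 1; i < NF; i++) if ($i == "Accepted") { method = $(i + 1); user = $(i + 3); break }
        print "ACCEPTED", method, user, ip
      }
    }
    END { for (ip in failed) print "FAILED", failed[ip], ip }
  ' | LC_ALL=C sort
}

# Print the sources with at least $1 failed attempts (default 3), reading the log from stdin.
noisy_sources() {
  summarize_ssh_auth | awk -v min="${1:-3}" '$1 == "FAILED" && $2 >= min { print $3 }'
}

sample_auth_log | summarize_ssh_auth
```

On a real host, feed the functions the sshd log instead of the sample; its location depends on the distribution.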
Features of SSH
SSH has a number of features that make it a powerful tool for accessing remote computers. These features include:
- Port forwarding: SSH can be used to forward ports from the client machine to the remote server. This can be used to access services that are not normally accessible from the internet, such as web servers and databases.
- File transfer: SSH can be used to transfer files between the client and server. This can be done using the scp or sftp commands.
- Remote command execution: SSH can be used to execute commands on the remote server. This can be done using the ssh command.
- Tunneling: SSH can be used to create tunnels between the client and server. This can be used to bypass firewalls and access resources that are not normally accessible from the internet.
How SSH works
SSH works by using a client-server model. The client is the computer that you are using to connect to the remote server. The server is the computer that you are connecting to.
When you connect to a remote server using SSH, the following steps occur:
- The client sends a request to the server.
- The server authenticates the client.
- The client and server negotiate a secure connection.
- The client and server exchange data.
- The connection is closed.
Step 1: The client sends a request to the server.
The client sends a request to the server using the SSH protocol. The request includes the client’s hostname, username, and password.
Step 2: The server authenticates the client.
The server authenticates the client by checking the client’s username and password. If the username and password are correct, the server allows the client to connect.
Step 3: The client and server negotiate a secure connection.
The client and server negotiate a secure connection by using a variety of cryptographic algorithms. The secure connection ensures that all data that is exchanged between the client and server is encrypted.
Step 4: The client and server exchange data.
Once the secure connection is established, the client and server can exchange data. The data can be anything from text to files to commands.
Step 5: The connection is closed.
When the client is finished exchanging data with the server, it can close the connection. The connection is closed by sending a special message to the server.
How to use SSH with AWS
AWS provides a number of ways to use SSH with its services. One way is to use the AWS CLI. The AWS CLI is a command-line tool that can be used to manage AWS resources. To use the AWS CLI with SSH, you will need to install the AWS CLI on your client machine. Once the AWS CLI is installed, you can use the ssh command to connect to an AWS EC2 instance or Lightsail instance.
Key-pairs in Amazon
This is how key pairs work with Amazon:
- Amazon Lightsail, like EC2, uses key pairs for authentication and to encrypt and decrypt login information.
- A key pair consists of a public key, which is stored on the instance, and a private key, which is stored on the user’s local machine.
- When you launch an instance, you can specify a new key pair or use an existing one.
- If you lose your private key, you cannot log in to your instance unless you have a backup.
- To create a key pair, you can use the AWS Management Console, the AWS CLI, or a third-party tool.
- You should keep your private key secure and never share it with anyone.
- You can use different key pairs for different instances or groups of instances.
- To connect to your instance using SSH, you must specify the path to your private key file and the username for your instance.
- You can use the AWS CLI or third-party tools to manage your key pairs, such as importing or exporting keys.
- As an alternative to key pairs, you can use AWS Systems Manager Session Manager to connect to your instance with an interactive one-click browser-based shell or the AWS Command Line Interface (AWS CLI).
- If you need to share access to your instances, you can use AWS Identity and Access Management (IAM) to create and manage users and groups with specific permissions.
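The two points above about keeping the private key secure and connecting with a key path and username, as an added example (not part of the original post): it checks that the key file is readable only by its owner before printing the connect command. The function names, the file name my-key.pem, the user ec2-user (the default on Amazon Linux images) and the documentation address 203.0.113.10 are assumptions.

```shell
#!/bin/sh
# Return 0 only if the key is a regular file with mode 0400 or 0600.
# OpenSSH refuses a private key that group or others can access; this check
# is slightly stricter and also rejects the owner-execute bit.
key_perms_ok() {
  key=$1
  [ -f "$key" ] || { echo "not a regular file: $key" >&2; return 2; }
  mode=$(ls -ld "$key" | cut -c1-10)   # e.g. -rw-------
  case $mode in
    -r?-------) return 0 ;;
    *) echo "permissions too open on $key: $mode (fix: chmod 600)" >&2; return 1 ;;
  esac
}

# Print the ssh command for an instance once the key passes the check.
# IdentitiesOnly=yes makes the client offer only this key, not every key
# loaded in the agent.
ssh_connect_cmd() {
  key=$1 user=$2 host=$3
  key_perms_ok "$key" || return 1
  printf 'ssh -i %s -o IdentitiesOnly=yes %s@%s\n' "$key" "$user" "$host"
}

# Demo on a constructed placeholder file (not a real key).
demo_dir=$(mktemp -d)
demo_key="$demo_dir/my-key.pem"
: > "$demo_key"
chmod 644 "$demo_key"
ssh_connect_cmd "$demo_key" ec2-user 203.0.113.10 || echo "refused: key readable by others"
chmod 600 "$demo_key"
ssh_connect_cmd "$demo_key" ec2-user 203.0.113.10
```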