AWS:- Launch a new OS instance on EC2
1. Login to your AWS account
=>Go to Service => Go to Compute and click on EC2
2. You are on the EC2 Dashboard => Click on Launch Instance under Create Instance
3. OS Selection - AMI - You have to create one windows and one linux based system.
- Select one of the 'free tier eligible' Amazon Machine Image (AMI) and click Next
- Here, you can select different kinds of operating systems. I select Windows 2008 R2 Base
- Why Win 2008 R2? -> It's small in size and takes less CPU/Mem and disk space.
- On Linux based systems, select any free tier eligible AMI.
4. Choose an Instance Type ( Resource - CPU/Mem ) and click next
select a free tier eligible t2.micro which gives you 1 GB RAM, 1 CPU free.
5. On Configure Instance Details page you will define no. of host, and network related info such as VPC, subnet.
just leave everything default and click on Add storage
6. On Add Storage page, the root disk comes with 30GB for Windows. For now just leave the default and click on Add Tags
7. On Add Tags page, click on 'click to add a Name tag' and fill in the following information
Name: WinVM/LinuxVM
Owner: Samrat
Purpose: Learning
Type: Dev Server
8. Next click on Configure Security Group
- Here you can leave default and click on Review and Launch.
- Here AWS creates a new security group. For Windows, RDP (port 3389) is added; on Linux based systems, SSH (port 22) is added.
- Simply click on Review and Launch
9. On Review Instance Launch page, click on Launch to launch an instance.
10. Now, you will be prompted to create a new key or use the existing key pair.
- We will create a new key pair. Select create a new key pair from drop down box.
- Type the name of the key pair in the 'Key pair name' box and click on the 'Download Key Pair' button to download the key to your PC.
Download key ( *.pem )
PEM, or Privacy Enhanced Mail, is a Base64 encoded DER certificate. PEM certificates are frequently used for web servers, as they can easily be translated into readable data using a simple text editor. Generally, when a PEM encoded file is opened in a text editor, it contains very distinct headers and footers. The .pem file you download here holds the private key of your key pair.
Amazon EC2 uses public–key cryptography to encrypt and decrypt login information. Public–key cryptography uses a public key to encrypt a piece of data, such as a password, then the recipient uses the private key to decrypt the data. The public and private keys are known as a key pair.
11. Click on launch.
- Wait for about 3-4 minutes, your instance is ready.
12. Now, You are on EC2 Dashboard
- Click on the check box next to the instance (WinVM) you want to log in to.
- Click on Connect
- A 'Connect to your instance' menu pops up.
- Click on 'Download Remote Desktop File'
- And click on 'Get Password' and click on 'Choose File'
- Select the pem file you downloaded and click on 'Decrypt Password' to decrypt the password.
- Now, Copy the following information
Public DNS: ec2-34-217-108-105.us-west-2.compute.amazonaws.com
User name: Administrator
Password: Ut5zUUAGUNF
On Linux Based VM,
- Click on the check box next to the instance (LinuxVM) you want to log in to.
- Click on Connect
- A 'Connect to your instance' menu pops up.
- Here, you will get login info
ssh -i "mykeyfile.pem" ec2-user@ec2-34-211-85-27.us-west-2.compute.amazonaws.com
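The 'Get Password' step above relies on the key pair: the password is encrypted with the public key and only the .pem private key can decrypt it. The following is an added example, not part of the original notes, that reproduces that round trip locally with openssl. It assumes an RSA key pair and openssl's default PKCS#1 v1.5 padding; the key pair, file names and password are constructed for the demo.

```sh
#!/bin/sh
# Added example: a local round trip of the 'Get Password' flow. Nothing here
# talks to AWS; the key pair and the password are constructed for the demo.

# Stand-in for the key pair from step 10: writes $1/mykeyfile.pem (private
# key, the file you download) and $1/pub.pem (public key, kept by AWS).
make_keypair() {
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$1/mykeyfile.pem" 2>/dev/null &&
    openssl pkey -in "$1/mykeyfile.pem" -pubout -out "$1/pub.pem"
}

# Instance side: encrypt the password with the PUBLIC key and base64 it.
encrypt_password() {   # $1 = public key file, $2 = clear-text password
    printf '%s' "$2" |
        openssl pkeyutl -encrypt -pubin -inkey "$1" |
        openssl base64 -A
}

# Your side: what 'Decrypt Password' does with the .pem you select.
decrypt_password() {   # $1 = private key (.pem), $2 = base64 blob
    printf '%s' "$2" |
        openssl base64 -d -A |
        openssl pkeyutl -decrypt -inkey "$1"
}

demo() {
    d=$(mktemp -d) || return 1
    make_keypair "$d" || return 1
    blob=$(encrypt_password "$d/pub.pem" 'Constructed-Pass-123')
    echo "encrypted blob (first 32 chars): $(printf '%s' "$blob" | cut -c1-32)..."
    echo "decrypted with mykeyfile.pem:   $(decrypt_password "$d/mykeyfile.pem" "$blob")"
    rm -rf "$d"
}
demo
```

Anyone who holds a copy of the .pem file can perform the decrypt step, which is why the file should not be shared or left in a world-readable location.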
How to connect to the server from your PC?
A. Connecting to Windows Systems.
1. You can simply click on the RDP file you downloaded and enter your username/password
2. Open Remote Desktop and connect using the Public DNS address.
- It will prompt you for username/passwd. After that you will be logged in to your machine.
or
Run => mstsc
How do you change the root (Administrator) password?
=> Click on Start => Administrative Tools => Computer Management.
=> Click on Local Users and Groups => Click on Users
=> Right-click on Administrator and click on Set Password to change it
or
Press WinKey + R (Start + Run) => Type lusrmgr.msc in the box and press Enter
- You will be on Local users and Groups (Local)
- and change Administrator password
2. Connecting to a Windows instance from Linux based systems.
- I will be testing on Redhat/Centos version 7 (works on RHEL6 as well). My Windows system info is below:
Public DNS: ec2-34-217-108-105.us-west-2.compute.amazonaws.com
User name: Administrator
Password: Ut5zUUAGUNF
- Perform the following tasks on your Linux session
# yum install '*freerdp*'
# xfreerdp -u administrator <IP/DNS_name>
# xfreerdp -u administrator ec2-34-217-108-105.us-west-2.compute.amazonaws.com
For older versions such as RHEL 5, or on Ubuntu, use rdesktop
# yum install rdesktop -> RHEL/Centos
# apt-get install rdesktop -> Ubuntu
- to connect
# rdesktop -u administrator <IP/DNS_name>
B. Connecting from your PC to Linux based Systems.
a. Connecting PC to Linux server using putty
1. Go to putty.org site and download putty.exe, puttygen.exe (32 bit) [Download portable version]
- Store both files in one folder
2. Convert the .pem file to .ppk file format using puttygen.
- Since putty.exe can't read the key*.pem format, we have to convert it.
- Open the puttygen application and click on the Load button.
- Load the .pem file you downloaded from aws site.
- Click on Save private Key as mykeyfile.ppk.
3. Open your putty now.
Here is login address provided by AWS
ssh -i "mykeyfile.pem" ec2-user@ec2-34-211-85-27.us-west-2.compute.amazonaws.com
- Under Session Look for hostname (or IP address)
- Type IP or DNS_name with port 22
(In my case: ec2-34-211-85-27.us-west-2.compute.amazonaws.com )
- Go to Connection => ssh => click on auth
- Click on Browse and select the key you saved. In my case - mykeyfile.ppk
- It will prompt you for user, just type ec2-user, you should be able to login without any password.
- Type sudo su - to become a root user. $ sudo su -
b. Connecting PC to Linux server using MobaXterm
- Go to google and search for MobaXterm_Portable. Download on your desktop and open the application.
- Copy the downloaded key to your drive. I kept it under e:\downloads\awskeys
➤ cd e:/
➤ cd downloads
➤ cd awskeys/
➤ ls
mynewvm.pem
- Now, log in to your Amazon OS instance. You will be logged in without being prompted for a password.
➤ ssh -i "mynewvm.pem" ec2-user@ec2-35-167-153-89.us-west-2.compute.amazonaws.com
3. Connecting from linux systems to your linux server.
Note: Download winscp.exe program
1. Upload the .pem key you downloaded into your server and perform the following tasks.
# mkdir /opt/awskeys
# chmod 777 /opt/awskeys
Now move the key into /opt/awskeys
# ls
- List the files/folders
# pwd
- see what path you are in.
# chmod 400 mykeyfile.pem
# ssh -i mykeyfile.pem ec2-user@<PUB_IP/DNS_name>
$ whoami
To switch to root user
$ sudo su -
# whoami
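The steps above set the key file to 400 but leave /opt/awskeys at 777. ssh checks only the key file's own mode, so a directory that other local users can write to goes unnoticed. The following check is an added example, not part of the original notes; it assumes GNU stat on Linux and runs against a scratch copy of the layout, and the function name and finding labels are made up for the example.

```sh
#!/bin/sh
# Added example: audit a private key and the directory that holds it.
# Assumes GNU stat (Linux), as on the RHEL/CentOS hosts used on this page.

# Prints one finding per line. Returns 0 if clean, 1 if flagged, 2 on error.
check_key_perms() {   # $1 = path to the .pem file
    key=$1
    dir=$(dirname "$key")
    kmode=$(stat -c %a "$key") || return 2
    dmode=$(stat -c %a "$dir") || return 2
    rc=0
    # Any group/other bit on the key file: ssh refuses to use such a key.
    if [ $(( 0$kmode & 077 )) -ne 0 ]; then
        echo "KEY_TOO_OPEN $key mode=$kmode"
        rc=1
    fi
    # Group/other write on the directory without the sticky bit: another local
    # user can rename or replace the key even though the file itself is 400.
    if [ $(( 0$dmode & 022 )) -ne 0 ] && [ $(( 0$dmode & 01000 )) -eq 0 ]; then
        echo "DIR_WRITABLE $dir mode=$dmode"
        rc=1
    fi
    return $rc
}

# Demo on a scratch copy of the layout above (not the real /opt/awskeys).
base=$(mktemp -d)
mkdir "$base/awskeys" && chmod 777 "$base/awskeys"
: > "$base/awskeys/mykeyfile.pem" && chmod 400 "$base/awskeys/mykeyfile.pem"
check_key_perms "$base/awskeys/mykeyfile.pem" || :   # flags the 777 directory
chmod 700 "$base/awskeys"
check_key_perms "$base/awskeys/mykeyfile.pem" && echo "OK after chmod 700"
rm -rf "$base"
```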
[root@sam ~]# ssh -i "mykeyfile.pem" ec2-user@ec2-34-211-85-27.us-west-2.compute.amazonaws.com
The authenticity of host 'ec2-34-211-85-27.us-west-2.compute.amazonaws.com (34.211.85.27)' can't be established.
ECDSA key fingerprint is fc:06:3a:fa:c2:e8:a4:10:5c:04:70:04:72:0f:96:cb.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ec2-34-211-85-27.us-west-2.compute.amazonaws.com,34.211.85.27' (ECDSA) to the list of known hosts.
Last login: Tue Apr 9 00:00:41 2019 from pool-108-45-108-236.washdc.fios.verizon.net
[ec2-user@ip-172-31-21-36 ~]$
[ec2-user@ip-172-31-21-36 ~]$ w
00:28:55 up 46 min, 2 users, load average: 0.00, 0.01, 0.05
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
ec2-user pts/0 pool-108-45-108- 00:00 19:51 0.02s 0.19s sshd: ec2-user [priv]
ec2-user pts/1 pool-108-45-108- 00:28 5.00s 0.01s 0.01s w
[ec2-user@ip-172-31-21-36 ~]$ sudo su -
Last login: Tue Apr 9 00:04:50 UTC 2019 on pts/0
[root@ip-172-31-21-36 ~]# whoami
root
[root@ip-172-31-21-36 ~]# logout
[ec2-user@ip-172-31-21-36 ~]$ whoami
ec2-user
[ec2-user@ip-172-31-21-36 ~]$
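In the session above, the host key prompt is answered with "yes" without checking the fingerprint. The following is an added example, not part of the original notes, of comparing the fingerprint ssh displays with the host key fingerprints the instance prints to its console output at first boot. The sample log is constructed and its layout is an assumption; the function names are made up for the example.

```sh
#!/bin/sh
# Added example: check the fingerprint ssh shows against the instance's own
# console output before answering "yes". To fetch the real log, use the
# console's system log view or:
#   aws ec2 get-console-output --instance-id <instance-id> --output text

# Constructed sample of the block cloud-init prints at first boot (layout is
# an assumption). The ECDSA value is the one from the session above; the RSA
# value is made up.
write_sample_log() {   # $1 = file to write
    cat > "$1" <<'EOF'
ec2: -----BEGIN SSH HOST KEY FINGERPRINTS-----
ec2: 256 fc:06:3a:fa:c2:e8:a4:10:5c:04:70:04:72:0f:96:cb /etc/ssh/ssh_host_ecdsa_key.pub (ECDSA)
ec2: 2048 00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff /etc/ssh/ssh_host_rsa_key.pub (RSA)
ec2: -----END SSH HOST KEY FINGERPRINTS-----
EOF
}

# Print "TYPE FINGERPRINT" for every host key announced in the log.
console_fingerprints() {   # $1 = saved console output
    awk '
        /BEGIN SSH HOST KEY FINGERPRINTS/ { inblk = 1; next }
        /END SSH HOST KEY FINGERPRINTS/   { inblk = 0 }
        inblk {
            fp = ""
            # the fingerprint is the field right after the key size
            for (i = 1; i < NF; i++)
                if ($i ~ /^[0-9]+$/) { fp = $(i + 1); break }
            type = $NF; gsub(/[()]/, "", type)
            sub(/^MD5:/, "", fp)
            if (fp != "") print type, fp
        }' "$1"
}

# Return 0 only if ssh's (type, fingerprint) pair appears in the console log.
verify_host_fp() {   # $1 = key type, $2 = fingerprint shown by ssh, $3 = log
    console_fingerprints "$3" | grep -Fqx "$1 ${2#MD5:}"
}

log=$(mktemp)
write_sample_log "$log"
if verify_host_fp ECDSA fc:06:3a:fa:c2:e8:a4:10:5c:04:70:04:72:0f:96:cb "$log"
then echo "fingerprint matches console output: safe to answer yes"
else echo "MISMATCH: do not connect"
fi
rm -f "$log"
```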