AWS EC2 2nd SSH connection to EC2 Instance (Amazon Linux2)
Introduction
I started EC2 Instance last time. What do you want the server to do after launching EC2 Instance? There are various things to be done by, but first of all, the story does not start without connecting to EC2 Instance. Therefore, this time, SSH connection to the Ec2 Instance.
Contents to be implemented this time
SSH to your EC2 Instance.
environment
AMI: Amazon Linux 2 AMI (HVM), SSD Volume Type --ami-05f4d5a411fcc68e0 (64-bit Arm)
reference
Tutorial: Getting started with Amazon EC2 Linux instances
Create AWS EC2 EC2 Instance (Amazon Linux AMI) 2 This is an article about building EC2 Instance (Amazon Linux2), which is the basis of this article.
the term
nothing special
Start, start, stop, restart, end EC2 Instance
There are expressions such as "start", "start", "stop", "restart", and "end" when transitioning the state of EC2 Instance, so I will explain them. These can be changed in "Instance Status" from the instance screen.
For more information, please see "Instance Lifecycle". I think it's a good idea to remember the four in the image.
| Status | Explanation |
|---|---|
| Start-up | Create an EC2 Instance. I think you should think that you bought a PC. |
| start | Turn on and launch EC2 Instance. It is an image to start the PC. |
| Stop | Power off the EC2 Instance. This is an image of shutting down the PC. |
| Reboot | EC2 Instanceを停止して開始すること。PCのRebootのイメージです。 |
| End | Destroy the EC2 Instance. It is an image of throwing away the PC. |
Basically, you only need to use "Start", "Stop", and "Restart". If you want to create a new EC2 Instance, you can use "Start", and if you want to destroy the EC2 Instance, you can use "Exit". ..
If you "quit", the EC2 Instance you built will disappear, so you can create a backup, but first of all, it is better not to make a mistake in quitting.
If you check "Enable" in "Action"-> "Instance Settings"-> "Change Termination Protection" on the EC2 screen, you will not be able to terminate it by mistake.
SSH connection
-
Start EC2 Instance On the EC2 console screen, check the check box of the EC2 Instance to start and select "Instance Status"-> "Start Instance".
-
Confirm public IPv4 address When you start it, your EC2 Instance will be assigned a public IPv4 address. The relevant information will appear at the bottom of the EC2 console screen, so check it. You can also use an Elastic IP address that fixes the IP address, but it's a little expensive, so I think you don't have to use it during the initial setup.
-
SSH connection Connect to 2 public IPv4 addresses. Anything that can be SSH connected will do, but I use "Tera Term". Host: Public IPv4 address confirmed above Service: SSH TCP port: 22 SSH version: SSH2 IP version: AUTO Connect with.
A "Security Warning" will be displayed, but press "Continue" to continue.
The SSH authentication screen is displayed. Here, set the following and press OK to make an SSH connection.
Username: ec2-user
Passphrase: None
Authentication method: Select "RSA / DSA / ECDSA / ED25519 Use key", press the file open button, and set the key pair created when EC2 Instance is started.
By default, SSH connections seem to connect with a key pair and no password.
Internet gateway and security
By default, you can connect to SSH smoothly as described above, but security is not so, and there are settings everywhere.
Internet gateway
In the "What to do this time" diagram, "Internget gateway" is set first when connecting to AWS Cloud from the Internet.
From the AWS service, select VPC (Vertual Private Cloud) to display the VPC console screen.
Select Internet Gateway from the menu on the left to list your Internet Gateway ID and its associated VPC ID.
Click the VPC ID associated with the EC2 Instance you created to see the details, and click the route table there to see the route table.
Here, the first is that the target is local. I think it is a gateway when there are multiple in the VPC. The second is 0.0.0.0/0 and the target is the Internet gateway ID. By default, it is set to allow connections from any IP address.
Security
Display the EC2 console screen from the AWS service. Select Security Groups from the menu on the left to see a list of security groups. Among them, I think that the security group name is "launch-wizard-X" (X is a number), but this is the security group created by default when EC2 Instance is started. Click this security group ID to see details. There is an inbound rule there, the protocol is TCP, the port range is 22, the source is set to 0.0.0.0/0 (any IP address is acceptable), and there is a rule that only SSH can pass.
Here you can see that by default it is set to allow only SSH connections.
Anything is possible for outbound. By default, nothing goes out, so I wonder if this is all right.
in conclusion
This time, I explained how to connect with SSH.
Recommended Posts