====== EC2: SSH Access ======

**General Information**

Using SSH to gain access to AWS EC2 instances.

**Checklist**

  * AWS Account
  * Basic VPC, subnets, etc. already set up

----

====== EC2: Keys ======

If you generate a key pair through the Amazon console, you will download a .pem file.

  * This file contains your key pair (private and public) and is used in ssh commands to log in

You can extract just your public key and output it in the RSA format that Linux authorized_keys files expect.

<code bash>ssh-keygen -y -f MYKEYPAIR.pem</code>

  * The output string can be appended to a user's file at /home/USERNAME/.ssh/authorized_keys for additional key access beyond the default.

----

====== EC2: SSH Access ======

Accessing EC2 instances with an SSH key.

Pre-req Setup

  * Launch EC2 Instance
  * Create a new key and download it, or use an existing SSH key pair
  * Transfer the .pem key to the system that you will jump from to AWS
  * Change permissions to read only for owner <code bash>chmod 400 keypair.pem</code>

----

===== EC2: Direct SSH To Public Facing System =====

SSH to a system's public IP/DNS.

  * Pre-req Setup complete
  * SSH using the pem key as the identity to a system's public IP/DNS
    * AWS AMI <code bash>ssh -i keypair.pem ec2-user@public.ip.address.here</code>
    * CentOS AMI <code bash>ssh -i keypair.pem centos@public.ip.address.here</code>

----

===== EC2: SSH Through Bastion Host =====

SSH to a public-facing bastion host and hop from there to systems that have private addresses only.

  * Pre-req Setup complete
  * Start SSH Agent <code bash>eval $(ssh-agent -s)</code>
  * Add key to the agent <code bash>ssh-add keypair.pem</code>
  * SSH to the bastion host, forwarding the pem key
    * AWS Linux AMI <code bash>ssh -A ec2-user@public.ip.address.here</code>
    * CentOS AMI <code bash>ssh -A centos@public.ip.address.here</code>
  * Now on the bastion host, SSH to the instance that has a private address only
    * AWS Linux AMI <code bash>ssh ec2-user@private.ip.address.here</code>
    * CentOS AMI <code bash>ssh centos@private.ip.address.here</code>

----
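
For the "EC2: Keys" step above (appending the ''ssh-keygen -y'' output to authorized_keys), the following is an added example, not part of the original page. The function names are hypothetical; it installs the key without creating duplicates, refuses input that is not a single public key line (for example a pasted private key), and sets the directory and file permissions.

```bash
#!/usr/bin/env bash
# Added example (not from the original page): install a public key into
# authorized_keys without duplicates and with owner-only permissions.

# add_authorized_key PUBKEY_LINE SSH_DIR   (SSH_DIR is e.g. /home/USERNAME/.ssh)
add_authorized_key() {
    pubkey_line=$1
    ssh_dir=$2
    auth_file="$ssh_dir/authorized_keys"

    # Exactly one line of the form "<type> <base64-blob> [comment]".
    # This also rejects a pasted private key ("-----BEGIN ... PRIVATE KEY-----").
    [ "$(printf '%s\n' "$pubkey_line" | wc -l)" -eq 1 ] || return 2
    key_type=$(printf '%s\n' "$pubkey_line" | awk '{print $1}')
    key_blob=$(printf '%s\n' "$pubkey_line" | awk '{print $2}')
    case $key_type in
        ssh-rsa|ssh-ed25519|ecdsa-sha2-*) ;;
        *) echo "refusing: not a public key line" >&2; return 2 ;;
    esac
    [ -n "$key_blob" ] || return 2

    # With StrictModes, sshd refuses key files or directories writable by others.
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
    touch "$auth_file" && chmod 600 "$auth_file" || return 1

    # Match on the key blob so the same key with a new comment is not re-added.
    if awk -v b="$key_blob" \
        '{ for (i = 1; i <= NF; i++) if ($i == b) found = 1 } END { exit !found }' \
        "$auth_file"; then
        return 0
    fi
    printf '%s\n' "$pubkey_line" >> "$auth_file"
}

# install_pubkey_from_pem PEM_FILE SSH_DIR
# Derives the public key with the page's command, then installs it.
install_pubkey_from_pem() {
    pub=$(ssh-keygen -y -f "$1") || return 1
    add_authorized_key "$pub" "$2"
}
```

Run it as the target user (for example ''install_pubkey_from_pem MYKEYPAIR.pem /home/USERNAME/.ssh'') so the files end up owned by that account.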