Putty connects to Linux_Putty from a windows instance

Source: Internet
Author: User
Tags free ssh pscp putty ssh client secure copy amazon ecs
The following describes how to use PuTTY (a free SSH client for Windows) to connect to your instance. If you receive an error message when trying to connect to your instance, see putty Linux connection failure troubleshooting.

After starting your instance, you can connect to the instance and use it like using the computer in front of you.


After the instance is started, it takes several minutes to prepare the instance so that you can connect to the instance. Check whether your instance has passed the Status check-you can view this information in the Status Checks column on the Instances page.

The following describes how to use PuTTY (a free SSH client for Windows) to connect to your instance. If you receive an error message when trying to connect to your instance, see troubleshooting instance connection problems.


Before using PuTTY to connect to your Linux instance, complete the following prerequisites:

  • Install PuTTY

    Download and install PuTTY from the PuTTY download page. Ensure that the entire suite is installed.

  • Obtain the instance ID

    You can obtain the ID of your Instance by using the Amazon EC2 Console (in the Instance ID column. You can use describe-instances (aws cli) or ec2-describe-instances (Amazon EC2 CLI)Command.

  • Obtain the public DNS name of the Instance

    You can use the Amazon EC2 console to obtain the Public DNS of the Instance (check the Public DNS (Public DNS) column; if this column is hidden, Click Show/Hide (Show/Hide) and select Public DNS )). If you want, you can use the describe-instances (aws cli) or ec2-describe-instances (Amazon EC2 CLI) command.

  • Find private keys

    You need to use the key pair you specified when starting the instance.pemFile Path.

  • Allow inbound SSH traffic from your IP address to your instance

    Make sure that the security group associated with your instance allows incoming SSH traffic from your IP address.


    By default, your default security group does not allow incoming SSH traffic.

Use PuTTYgen to convert your private key

PuTTY itself does not support the private key format (. pem) generated by Amazon EC2 ). PuTTY has a tool named PuTTYgen that converts keys to the required PuTTY format (. ppk ). You must convert the private key to this format (. ppk) before attempting to connect to your instance using PuTTY.

Convert your private key

  1. Start PuTTYgen (for example, click "All Programs> PuTTY> PuTTYgen" in the "Start" menu ").

  2. Under Type of key to generate, select SSH-2 RSA.

  3. Click Load ". By default, PuTTYgen only displays.ppk. To find your.pemFile. select the option to display all types of files.



  4. Select the key pair specified when the instance is started.pemFile, and then click Open. Click OK to close the confirmation dialog box.

  5. Click Save private key to Save the key in a format available for PuTTY. PuTTYgen displays a warning about saving the key without a password. Click Yes ).


    The password of a private key is additionally protected. Therefore, even if your private key is disclosed, the key is still unavailable without a password. The disadvantage of using a password is that it makes automation more difficult, because manual intervention is required to log on to the instance or copy files to the instance.

  6. Specify the same name as the key pair for this key (for example,my-key-pair). PuTTY automatically added .ppk File extension.

Your private key format is now in the correct PuTTY format. You can now use the PuTTY SSH client to connect to the instance.

Start PuTTY session

Use PuTTY to connect to your Linux instance. You will need.ppkFile.

Start PuTTY session

  1. (Optional) You can use one of the following commands on the local system (instead of the Instance) to verify the RSA key fingerprint on the instance. If you start an instance from a third-party public AMI, you may need to do so. FindSSH HOST KEY FINGERPRINTSPart, write down the RSA fingerprint (for example, 1f: 51: AE: 28: bf: 89: e9: d8: 1f: 25: 5d: 37: 2d: 7d: b8: ca: 9f: f5: f1: 6f) and compare it with the instance fingerprint.

    • Get-console-output (aws cli)

      aws ec2 get-console-output --instance-id instance_id
    • The ec2-get-console-output (Amazon EC2 CLI)

      ec2-get-console-output instance_id


    SSH HOST KEY FINGERPRINTSSome are only available after the instance is started for the first time.

  2. Start PuTTY (in the "Start" menu, click "All Programs> PuTTY ").

  3. In the "Category" pane, select Session and enter the following fields:

    1. In the Host Name box, enteruser_name@public_dns_name. Make sure that the user name is specified for your AMI. For example:

      • For Amazon Linux AMI, the user name isec2-user.

      • For the RHEL5 AMI, the user name isrootOrec2-user.

      • For Ubuntu AMI, the user name isubuntu.

      • For the Fedora AMI, the user name isfedoraOrec2-user.

      • For SUSE Linux, the user name isrootOrec2-user.

      • In addition, ifec2-userAndrootUnavailable. Check with the AMI supplier.

    2. Under Connection type, select SSH.

    3. Make sure the Port is 22.

  4. In the Category pane, expand Connection, expand SSH, and then select Auth ). Complete these steps:

    1. Click Browse ).

    2. Select.ppkFile, and then click Open ).

    3. (Optional) If you want to restart the session later, you can save the session information for future use. Select Session in the Category tree, enter a name for the Session in the Saved Sessions (Saved Session), and click Save ).

    4. Click Open to start the PuTTY session.

  5. If this is your first connection to this instance, PuTTY will display a security warning dialog box asking if you trust the host you want to connect.

  6. (Optional) Verify that the fingerprint in the security alarm matches the fingerprint obtained in step 1. If these fingerprints do not match, someone may be attempting to launch a "man-in-the-middle" attack. If yes, proceed to the next step.

  7. Click Yes ). A window opens and you connect to your instance.


    If you specify a password when converting a private key to the PuTTY format, you must provide the password when you log on to the instance.

    Use PuTTY secure copy client to transmit files to your Linux instance

    PuTTY secure replication client (PSCP) is a command line tool that transfers files between Windows and Linux instances. If you prefer a graphical user interface (GUI), you can use an open-source GUI tool called "WinSCP. For more information, see transfer files to your Linux instance using WinSCP.

    To use PSCP, you will need to use PuTTYgen to convert the private key generated in your private key. You also need the public DNS address of the Linux instance.

    In the following exampleSample_file.txtTransfer from a Windows computer to a Linux instance/usr/localDirectory:

    C:\> pscp -i C:\Keys\my-key-pair.ppk C:\Sample_file.txt user_name@public_dns:/usr/local/Sample_file.txt


    Use WinSCP to transfer files to your Linux instance

    WinSCP is a GUI-based file manager for Windows. You can use the SFTP, SCP, FTP, and FTPS protocols to upload and transmit files to a remote computer. With WinSCP, you can drag and drop files from Windows to a Linux instance or synchronize all the directory structures between the two systems.

    To use WinSCP, you will need to use PuTTYgen to convert the private key generated in your private key. You also need the public DNS address of the Linux instance.

    1. Download and install WinSCP from the http://winscp.net/eng/download.php. For most users, use the default installation option.

    2. Start WinSCP.

    3. On the WinSCP login (WinSCP logon) screen, for Host name (Host name), enter the public DNS address of the instance.

    4. For User name, enter the default AMI User name. For Amazon Linux AMI, the user name isec2-user. For Red Hat AMI, the user name isrootFor Ubuntu AMI, the user name isubuntu.

    5. Specify a private key for your instance. For Private key, enter the path of the Private key or click "…" Button to browse the file. For the updated WinSCP version, click Advanced to open Advanced website settings, and then click Authentication under SSH to find Private key file Settings.


      WinSCP requires PuTTY private key file (.ppk). You can use PuTTYgen.pemConvert a security key file.ppkFormat.

    6. (Optional) in the left-side pane, click Remote directory. For Directories, enter the directory path to add the file. For the updated version of WinSCP, You need to click Advanced to open Advanced website settings, and then click Directories under Environment (Environment) to find the Remote directory settings.

    7. Click Login to connect, and then click Yes to add the host fingerprint to the host cache.

    8. After the connection is established, in the connection window, your Linux instance is displayed on the right and the local computer is displayed on the left. You can drag and drop files from a local computer to a remote file system. For more information about WinSCP, see the project documentation in http://winscp.net/eng/docs/start.


      If you receive aCannot execute SCP to start transfer"Error, you must first install it on your Linux instanceScp. For some operating systems, this command isopenssh-clientsPackage. For Amazon Linux variants (such as AMI optimized by Amazon ECS), run the following command to installScp.

      [ec2-user ~]$ sudo yum install -y openssh-clients


Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.