Matt Demeusy's blog has a good intro on how to set up an EC2 instance to be accessed via Windows RDP (Remote Desktop) from your local Windows machine.
How to connect to Amazon Linux instances from a Windows machine:
- Log in to console.aws.amazon.com and, in the Key Pairs section of the console, create a key pair and download it.
- Convert the Amazon key format for PuTTY with PuTTYGen
PuTTY does not understand the key pair format that you downloaded from Amazon. That’s not a major issue though, because PuTTYGen is a program that converts the native file format into one that PuTTY will understand.
Launch PuTTYGen, click on Conversions -> Import Key. Browse to c:\ec2 and locate the key you downloaded. It will have a .pem extension.
If you wish, enter a passphrase in the fields provided by PuTTYGen, although we recommend skipping this step for the lab exercise.
Finally, click on File -> Save Private Key to save the converted key in c:\ec2. Use the same base filename, so that MyKey.pem has a corresponding PuTTY file named MyKey.ppk. This best practice makes it easier to keep things organized later.
This movie will step you through how to use PuTTYGen on Windows to generate and import your key. It covers PuTTYGen and PuTTY from about 4:12 – 4:50 in the movie. Just do the PuTTYGen step.
- Select the running instance from the Amazon console at http://console.aws.amazon.com, look in the details pane, and copy and paste the public DNS name into PuTTY. (Data in the screenshots are strictly examples.)
- Then save it to a named profile. (Data in the screenshots are strictly examples)
- Then specify your MyKey.ppk PPK file from step 9, as shown below. Save your changes to the same connection profile. You may need to use PuTTYGen to convert the key to PuTTY format before using it.
- If applicable, specify a proxy server in the Connections > Proxy in the PuTTY settings. Save your changes to the same connection profile.
- Tunnel VNC (if applicable)
Some firewalls may block VNC on port 5901. If you can connect on SSH, you can use the port forwarding feature of PuTTY to get around this. Realize that if you are tunneling, VNC will depend on the SSH session being open / logged in to work. Set up the tunnel in PuTTY, then connect your VNC client to 127.0.0.1:1 as shown below. If you were already connected on SSH before making this change, make the change, save it, and disconnect / reconnect.
Then try to connect by double clicking on the profile name. The first time you successfully connect, you will get a message about adding the keyfile to a cache. Say yes when prompted. It will prompt you for the login ID after accepting the key, and the username is always root. There is no password as you are using an encrypted key instead of a password.
Connection troubleshooting:
- Make sure you specified the path to your key (*.ppk) file in the SSH/Auth section
- Most often the issue is a hang / timeout. This usually means a network problem, or the instance didn’t boot properly.
- If you have a proxy that you normally use for your browser, you must specify it in the connection/proxy section, and remember to save the change to your profile so you don’t have to re-enter it every time.
- Double check your security groups and make sure they allow port 22. Consider where you are connecting from, and whether or not you are actively using a VPN. Some companies have proxies, so if you’re on VPN you may need to specify your proxy.
- Try stripping out the DNS name and just use the IP. If the public DNS name is ec2-75-101-146-205.compute-1.amazonaws.com then the IP would be 75.101.146.205. You may want to do this anyway to eliminate DNS as a potential source of issues.
- Remember that ping will not work with Amazon, so don’t bother.
- Last resort, use Elasticfox to check the STDOUT console output and ensure that the instance booted properly.
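
The DNS and port 22 checks from the list above can be run together from the Windows machine. The script below is an added example, not part of the original post: the function names `ConvertFrom-Ec2PublicDnsName` and `Test-Ec2SshPort` are hypothetical helpers, and the host name is the post's own sample. It derives the IP from the public DNS name, compares it with what DNS returns, and tries a real TCP connection to port 22 instead of ping.

```powershell
# Added example, not from the original post. Function names are hypothetical helpers.
function ConvertFrom-Ec2PublicDnsName {
    param([Parameter(Mandatory)][string]$DnsName)
    # Names of the form ec2-A-B-C-D.<zone>.amazonaws.com embed the IPv4 address A.B.C.D.
    if ($DnsName -notmatch '^ec2-(\d{1,3})-(\d{1,3})-(\d{1,3})-(\d{1,3})\.[a-z0-9.-]+\.amazonaws\.com$') {
        throw "Not an EC2 public DNS name: $DnsName"
    }
    $octets = @($Matches[1], $Matches[2], $Matches[3], $Matches[4])
    foreach ($o in $octets) {
        if ([int]$o -gt 255) { throw "Octet out of range in: $DnsName" }
    }
    return [System.Net.IPAddress]::Parse($octets -join '.')
}

function Test-Ec2SshPort {
    param(
        [Parameter(Mandatory)][string]$DnsName,
        [int]$Port = 22,
        [int]$TimeoutMs = 5000
    )
    $ip = ConvertFrom-Ec2PublicDnsName -DnsName $DnsName

    # Ask DNS what it returns; a failure or mismatch points at name resolution.
    $resolved = @()
    try {
        $resolved = @([System.Net.Dns]::GetHostAddresses($DnsName) | ForEach-Object { $_.ToString() })
    } catch { }

    # Ping is not a useful test here, so attempt a TCP connect to the SSH port by IP.
    $client = New-Object System.Net.Sockets.TcpClient
    $result = 'Timeout'
    try {
        if ($client.ConnectAsync($ip, $Port).Wait($TimeoutMs) -and $client.Connected) { $result = 'Open' }
    } catch {
        $result = 'Refused or unreachable'
    } finally {
        $client.Close()
    }

    [pscustomobject]@{
        DnsName = $DnsName; IpFromName = $ip.ToString(); DnsAnswers = ($resolved -join ',')
        DnsAgrees = ($resolved -contains $ip.ToString()); Port = $Port; Result = $result
    }
}

# Host name taken from the post's own example.
Test-Ec2SshPort -DnsName 'ec2-75-101-146-205.compute-1.amazonaws.com'
```

This test connects directly, so on a network that requires a proxy it will report `Timeout` even when PuTTY works through the proxy configured in its profile.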