[For Beginner] SSH to an Amazon EC2 Linux Instance when using proxy in browser
Hello everyone!
This is Toan, a fresher who joined classmethod from April 1st. Due to the effect of coronavirus, I have to work remotely from Vietnam using Amazon Workspaces provided by Classmethod. Today I want to introduce to beginners like me how to SSH to an Amazon EC2 Linux Instance when you are using a proxy in browser.
Many people are using proxy on browser for security and privacy reasons. This blog is for people who use proxy in web browser and don't want to disable it during SSH connection process.
Let's assume that you have run an Amazon EC2 Linux instance and installed Teraterm. What we need to do now is using Teraterm to connect SSH to your instance. Let's get started!
Step
1. Change your Security Group on AWS management console
- From your AWS console, select Security Groups
- Select your Security Group ID
- In inbound rules, select Edit inbound rules
- Select Add rules, modify as image below and hit Save rules
Note:
- Type: SSH
- Source: Custom 0.0.0.0/0
Reason will be explained later!
- Next, assign new Security Groups
Step 2: Connect SSH to server using Teraterm
- Open Teraterm and copy your Public DNS (IPv4) to Host section, hit OK.
- SSH Authentication box appears. Type ec2-user in User name section.
- In Authentication method, at Private key file select your .pem file which has been downloaded and stored before. Hit OK to successfully connect to your server.
WAIT! It has not done yet! 0.0.0.0 means: listen on ALL addresses! This will make your server available on the internet. If you do that for some local server without any security, that's bad!
- After connecting to the server, type command $w -i
- You will find the IP you need like below.
- Now get back to Security Group on your AWS management console and change it once again to new IP. Don't forget to assign new Sercurity Group.
- Now repeat from step 2 and you're all set!
Answer question
You my question why we have to do such complicated steps to set SSH IP while you can set it easily by My IP option on Inbound rules. Here is the reason:
As you can see, My IP is completely different from the IP we found in console. Because now we're using proxy on browser. My IP here is just IP from proxy. We need to find Public IP which is your real IP to set it on Inbound rules so that only you can connect to your own server.
Conclusion
Actually it took a biginner like me a lot of time to find out the problem. I hope this small trick will save your time.
Thank you for visiting my blog!
Have a nice day!