Setting Up SSH for AWS and GCP VMs: A Step-by-Step Guide

Secure SHell (SSH) provides a way to safely connect and interact with remote servers, such as VMs on AWS and GCP. Here’s a simple and straightforward guide to set up SSH.

Understanding SSH:

SSH uses a key-pair mechanism for security:

• Public Key: Shared with the server. It’s like a mailbox exterior where people can drop messages but can’t read its contents.
• Private Key: Kept private on your device. It’s the key to the mailbox, allowing you to read the messages.

Setting Up SSH:

1. Generate the SSH Key Pair

On your local computer, open the terminal:

ssh-keygen -t rsa

By default, this will produce two files in the ~/.ssh/ folder:

• id_rsa: Private Key
• id_rsa.pub: Public Key

2. Retrieve the Public Key

To display your public key:

cat ~/.ssh/id_rsa.pub

Copy its content. We’ll use it soon.

3. Access Your VM on AWS or GCP

GCP:

• Go to the GCP Console.
• Find your VM instance.
• Click “SSH” to open its terminal.

AWS:

• Head to the AWS Console.
• Locate your VM instance.
• Press “Connect” for connection instructions.

4. Set Up a New User (Optional)

If you’d like a specific user for SSH:

sudo adduser andi
sudo usermod -aG sudo andi

This creates a user named ‘andi’ and grants them superuser permissions.

5. Install the Public Key on the VM

Switch to the user (if you made one) and set up the SSH folder:

su - andi
mkdir ~/.ssh && nano ~/.ssh/authorized_keys

Paste your public key into this file and set up the right permissions:

chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

6. Open the SSH Port

To SSH into the VM, port 22 must be open:

AWS:

• In the AWS Console, find “Security Groups” under the EC2 Dashboard.
• Choose the VM’s security group.
• Go to “Inbound”, click “Edit” and then “Add Rule”.
• Set Type to SSH, Port Range to 22.
• For Source, input 0.0.0.0/0 or specific IPs you trust.

GCP:

• In the GCP Console, select “Firewall” under “VPC network”.
• Click “Create Firewall Rule”.
• Name it, and set Targets to “Specified target tags”, and add tag: allow-internet-ssh.
• Set Source IP ranges as 0.0.0.0/0 or your IPs.
• For protocols and ports, input tcp:22.

Then, tag your VM with allow-internet-ssh to apply the rule.

7. SSH from Your Local Machine

Use the following command:

ssh andi@YOUR_VM_PUBLIC_IP

Replace YOUR_VM_PUBLIC_IP with your VM’s public IP. You should now access your VM without needing a password.

Wrapping Up:

SSH provides a secure method to communicate with remote servers. With your keys set up, you have a private channel to your VM, ensuring both confidentiality and security. Now, you’re ready to manage your AWS or GCP VM securely through SSH!