Setting Up SSH for AWS and GCP VMs: A Step-by-Step Guide
Secure Shell (SSH) provides a way to safely connect to and interact with remote servers, such as VMs on AWS and GCP. Here’s a simple and straightforward guide to setting up SSH.
Understanding SSH:
SSH uses a key-pair mechanism for security:
- Public Key: Shared with the server. It’s like a mailbox exterior where people can drop messages but can’t read its contents.
- Private Key: Kept private on your device. It’s the key to the mailbox, allowing you to read the messages.
Setting Up SSH:
1. Generate the SSH Key Pair
On your local computer, open the terminal:
ssh-keygen -t rsa
By default, this will produce two files in the ~/.ssh/ folder:
- id_rsa: Private Key
- id_rsa.pub: Public Key
2. Retrieve the Public Key
To display your public key:
cat ~/.ssh/id_rsa.pub
Copy its content. We’ll use it soon.
3. Access Your VM on AWS or GCP
GCP:
- Go to the GCP Console.
- Find your VM instance.
- Click “SSH” to open its terminal.
AWS:
- Head to the AWS Console.
- Locate your VM instance.
- Press “Connect” for connection instructions.
4. Set Up a New User (Optional)
If you’d like a specific user for SSH:
sudo adduser andi
sudo usermod -aG sudo andi
This creates a user named ‘andi’ and grants them superuser permissions.
5. Install the Public Key on the VM
Switch to the user (if you made one) and set up the SSH folder:
su - andi
mkdir -p ~/.ssh && nano ~/.ssh/authorized_keys
Paste your public key into this file and set up the right permissions:
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
6. Open the SSH Port
To SSH into the VM, port 22 must be open:
AWS:
- In the AWS Console, find “Security Groups” under the EC2 Dashboard.
- Choose the VM’s security group.
- Go to “Inbound”, click “Edit” and then “Add Rule”.
- Set Type to SSH, Port Range to 22.
- For Source, input 0.0.0.0/0 (any address) or specific IPs you trust.
GCP:
- In the GCP Console, select “Firewall” under “VPC network”.
- Click “Create Firewall Rule”.
- Name it, set Targets to “Specified target tags”, and add the tag allow-internet-ssh.
- Set Source IP ranges as 0.0.0.0/0 (any address) or your IPs.
- For protocols and ports, input tcp:22.
Then, tag your VM with allow-internet-ssh to apply the rule.
7. SSH from Your Local Machine
Use the following command:
ssh andi@YOUR_VM_PUBLIC_IP
Replace YOUR_VM_PUBLIC_IP with your VM’s public IP. You should now access your VM without needing a password.
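Step 5 can also be done without an editor. The following is an added example, not part of the original guide: a POSIX shell function (install_pubkey is a hypothetical name) that checks the pasted text is a single public-key line, adds it to authorized_keys only once, and applies the permissions from step 5. The /tmp/id_rsa.pub path in the usage comment is an assumed location for the key copied in step 2.

```shell
#!/bin/sh
# Added example (not from the original guide); install_pubkey is a hypothetical name.
# Usage, as the login user on the VM:
#   install_pubkey "$HOME/.ssh" "$(cat /tmp/id_rsa.pub)"
# Handles plain key lines as written by ssh-keygen (no options prefix).
install_pubkey() {
    ssh_dir=$1
    key_line=$2
    auth_file="$ssh_dir/authorized_keys"
    nl='
'
    # Return 2: private-key material was pasted by mistake.
    case $key_line in
        *"PRIVATE KEY"*) echo "refusing: this is a private key" >&2; return 2 ;;
    esac
    # Return 3: a public key is one line; a newline means the paste wrapped.
    case $key_line in
        *"$nl"*) echo "refusing: key spans several lines" >&2; return 3 ;;
    esac
    # Return 4: expect "<type> <base64> [comment]".
    case $key_line in
        "ssh-rsa "*|"ssh-ed25519 "*|"ecdsa-sha2-nistp"???" "*) ;;
        *) echo "refusing: unknown key type" >&2; return 4 ;;
    esac
    rest=${key_line#* }
    blob=${rest%% *}
    case $blob in
        ''|*[!A-Za-z0-9+/=]*) echo "refusing: bad key data" >&2; return 4 ;;
    esac

    # Same permissions as step 5. sshd's StrictModes setting can refuse
    # key login when these paths are writable by other users.
    mkdir -p "$ssh_dir" || return 1
    chmod 700 "$ssh_dir" || return 1
    touch "$auth_file" || return 1
    # If the last existing entry has no trailing newline, add one so the
    # new key does not get glued onto it.
    [ -z "$(tail -c 1 "$auth_file")" ] || echo >> "$auth_file"
    # Append only when this exact line is not already present.
    grep -qxF -- "$key_line" "$auth_file" || printf '%s\n' "$key_line" >> "$auth_file"
    chmod 600 "$auth_file"
}
```
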
Wrapping Up:
SSH provides a secure method to communicate with remote servers. With your keys set up, you have a private channel to your VM, ensuring both confidentiality and security. Now, you’re ready to manage your AWS or GCP VM securely through SSH!