how to access with putty
You need to download putty from www.putty.org. You will need the entire package that has also puttygen and pageant.
You need a EC2 key pair file. If you don´t have it create it.
PEM stands for Privacy Enhanced Mail and is a widely used encoding format used for security certificates. It is made by a public key and a private key. Together, the two keys enable you to securely connect to your EC2 instance using SSH.
2.1. Create a ec2 key
2.2 using a pem key.
You need to convert your PEM file to a PPK file (PPK = PuTTY Private Key) Type puttygen in the Windows start dialog box:
On the PuTTYgen dialog box, click the Load Button and then select the .pem file that you downloaded from AWS. Note: when browsing for your pem file be sure to select "All Files" in the dropdown list that is located to the right of the File name field. Otherwise you may not see the pem file. PuTTYgen will then load and convert your file.
As the message indicates, you then need to click on “Save private key”. You will receive a warning message asking if you want to save this key without a passphrase. Be sure to select Yes.
Provide a name for your ppk file and click save.
Now that you have converted the pem file to a ppk file, you are ready to use the PuTTY utility. In the Windows start dialog box, type in putty to start the utility.
Enter your Host Name into the appropriate field. This will be in the format of: user_name@public_dns_name. Be sure to specify the appropriate user name for your AMI type. For example:
•For an Amazon Linux AMI, the user name is ec2-user.
•For a RHEL AMI, the user name is ec2-user or root.
•For an Ubuntu AMI, the user name is ubuntu or root.
•For a Centos AMI, the user name is centos.
•For a Fedora AMI, the user name is ec2-user.
•For SUSE, the user name is ec2-user or root.
•Otherwise, if ec2-user and root don’t work, check with the AMI provider.
Here is an example for connecting to an Amazon Linux AMI:
Next, click on the + button next to the SSH field to expand this section. Then click on Auth (which stands for authenticate) and enter the name of your private key file (i.e. the ppk file) where it says Private key file for authentication (if you click on browse you can easily search for the directory where you have stored it).
Lastly, click on Open to start your SSH session.
Note: if this is the first time that you are logging into the instance, you will receive the following alert.
Click on Yes to continue.
Then it will ask you for the user. In Amazon AWS the user will be "ec2-user" In other services the name is the one that we wrote before.
If you did everything correctly, you will see a new window appear displaying your command line SSH session (troubleshooting hint: if the window appears but fails to connect, a common issue is that you likely have not created a rule to enable SSH inbound traffic on Port 22 in the Security Group that is attached to this instance…..so double check that first).
You will first need to use PuTTYGen to convert your PEM file into a private PPK file that has a password. So, in PuTTYGen, choose Conversions > Import Key and select your PEM-formatted private key. Enter a passphrase and then click Save private key, as shown in the following screenshot. Save the key as a .ppk file
Pageant is an SSH authentication agent and allows you to hold your private key in memory, so that it can in turn be forwarded by PuTTY. To start the utility you can type pageant in the Windows start dialog box:
ADD YOUR PPK KEY FILE INTO PAGEANT
Find the Pageant icon in your Windows task bar (generally found at the bottom of your screen…look for computer terminal with a black hat on top of it). Double click on this icon then select Add Key and in the pop up dialog window navigate to the folder that contains your PPK file and select it, followed by clicking on Open. When you select the PPK file, you’re prompted to enter the passphrase you chose when you converted the key. You can then close the Pageant Key List window after your key has been added:
On the main screen (Session) enter the Host Name information for your instance as was described earlier in this guide (i.e. user_name@public_dns_name). Then click on SSH and select the Auth tab. Click on Allow agent forwarding and leave the Private key file for authentication empty as shown here:
Then click on Open and it should connect you to your publically accessible EC2 instance (in this scenario, this instance would be referred to as the Bastion host or a jump box).
Once you are logged into the Bastion host you can then “jump” to the private instance by using the private IP address of the instance. This is done by issuing an SSH command in your terminal session: ssh user_name@private_IP_address (i.e., something like this: ssh firstname.lastname@example.org). You should then see a second log-in occur within your PuTTY session. If you did everything correctly you will now be logged into the private instance via SSH.