Skip to main content

Access Console and SSH | Remote Connection Guide for VM Instances

Connect to your VM instances using browser-based console or SSH terminal for direct management and troubleshooting.

Console Access

Browser-Based Console

The Console provides a browser-based terminal connection to your VM instance without needing a local SSH client.

When to Use Console

  • Quick troubleshooting without SSH setup
  • Initial instance configuration
  • Network troubleshooting
  • System maintenance
  • Security group changes preventing SSH

Opening Console

From VM Card

  1. Locate the VM instance in dashboard
  2. Scroll to bottom action buttons section
  3. Click the Console Button (Terminal icon)
  4. Console window opens in your browser

Console Window

  • Full-screen terminal interface
  • Black background with white text
  • Cursor blinking ready for input
  • Type commands to execute

Using Console

Basic Commands

# Check system information
uname -a

# View disk usage
df -h

# Check memory
free -m

# List processes
ps aux

# View system logs
tail -f /var/log/syslog

Console Features

  • Full terminal access to instance
  • Execute any command allowed by OS
  • View output in real-time
  • Copy/paste functionality
  • Scroll through history

Common Console Tasks

  • View system logs
  • Check service status
  • Manage users and permissions
  • Install packages
  • Update system configuration
  • Restart services

Console Limitations

Limitations

  • Requires instance to be running
  • No file transfer capability
  • Limited scroll-back history
  • May have latency
  • Some special characters not supported

Closing Console

Exit Console

  1. Type exit and press Enter
  2. Click X button on console window
  3. Click outside console area
  4. Press Escape key
info

Closing console doesn't affect your instance. It just disconnects your session.

SSH Access

Secure Shell Connection

SSH (Secure Shell) provides encrypted remote command-line access to your instance with full control and flexibility.

When to Use SSH

  • Complex administration tasks
  • Script execution
  • File transfer with SCP
  • Port forwarding
  • Persistent long-running sessions

Prerequisites for SSH

Before connecting via SSH, you need:

Local SSH Client

  • OpenSSH client (included on Linux/Mac)
  • PuTTY (Windows alternative)
  • VS Code Remote SSH extension
  • Git Bash (Windows)

SSH Key Pair

  • Private key file (keep secret)
  • Public key on the instance
  • Correct file permissions (600)
  • Key must match instance's authorized keys

Network Access

  • Port 22 (SSH) must be open
  • Security group must allow inbound SSH
  • Network connectivity to instance IP
  • Instance must be running

Correct IP Address

  • Public IP if connecting from internet
  • Private IP if on same network
  • Floating IP or elastic IP if configured

Getting SSH Connection Information

From VM Card

  1. Scroll to bottom of card
  2. Click the SSH Button (Terminal icon)
  3. Connection information displays
  4. Shows SSH command to use
  5. May show key file location

Connection String Format

ssh -i /path/to/key.pem ec2-user@instance-ip

Or for other operating systems:

ssh -i /path/to/key.pem ubuntu@instance-ip
ssh -i /path/to/key.pem admin@instance-ip
ssh -i /path/to/key.pem root@instance-ip

Information Provided

  • Complete SSH command
  • Private key file path
  • Instance IP address
  • Default username for OS
  • Port number (usually 22)

Connecting via SSH

Using OpenSSH (Linux/Mac/Git Bash)

  1. Open Terminal

    # On Linux/Mac
    open Terminal

    # On Windows with Git Bash
    right-click and "Git Bash Here"

  2. Copy SSH Command

    • Copy the SSH command from dashboard
    • Or manually construct: ssh -i keyfile.pem user@ip-address

  3. Execute Connection

    ssh -i /path/to/key.pem [email protected]

  4. Accept Host Key (First Time)

    • Message: "Are you sure you want to continue?"
    • Type yes and press Enter
    • Host key is added to known_hosts

  5. Connected to Instance

    • Prompt changes to instance name
    • You're now remotely connected
    • Execute commands directly

Using PuTTY (Windows)

  1. Convert Private Key (if needed)

    • PuTTYgen converts OpenSSH keys
    • Load private key file
    • Export as PuTTY format

  2. Open PuTTY

    • Launch PuTTY application
    • Connection type: SSH
    • Port: 22

  3. Configure Connection

    • Host Name: Instance IP address
    • Username: default OS user
    • Auth → Private key file: select .ppk file

  4. Connect

    • Click "Open"
    • Accept host key if prompted
    • You're connected and ready

SSH Commands

After Successful Connection

# View system information
uname -a
lsb_release -a

# Check disk space
df -h

# View memory
free -h

# List processes
ps aux | grep process-name

# View recent logs
tail -100 /var/log/syslog

# Check network connectivity
ping google.com
netstat -tulpn

# Restart a service
sudo systemctl restart service-name

# View running services
sudo systemctl list-units --type=service --state=running

# Edit a file
nano /path/to/file
# or
vi /path/to/file

File Transfer with SCP

Copying Files to Instance

# Single file
scp -i /path/to/key.pem /local/path/file.txt user@instance-ip:/remote/path/

# Entire directory
scp -r -i /path/to/key.pem /local/path/directory user@instance-ip:/remote/path/

Copying Files from Instance

# Single file
scp -i /path/to/key.pem user@instance-ip:/remote/path/file.txt /local/path/

# Entire directory
scp -r -i /path/to/key.pem user@instance-ip:/remote/path/directory /local/path/

Disconnecting SSH

End SSH Session

# Type exit command
exit

# Or press Ctrl+D

The terminal closes and you're back on your local machine.

Key Management

SSH Key Pair Setup

Creating New Key Pair (if needed)

# Generate new key
ssh-keygen -t rsa -b 4096 -f ~/.ssh/my-instance-key

# You'll be prompted for:
# - Passphrase (optional but recommended)
# - Confirm passphrase

# View your public key
cat ~/.ssh/my-instance-key.pub

Adding Public Key to Instance

If key isn't already on instance:

  1. Generate key pair (above)
  2. Copy public key to instance: 
    ssh-copy-id -i ~/.ssh/my-instance-key.pub user@instance-ip
  3. Or manually add to ~/.ssh/authorized_keys

Key Permissions

Correct Permissions Required

# Private key (your computer)
chmod 600 ~/.ssh/my-instance-key

# SSH directory
chmod 700 ~/.ssh

# Authorized keys on instance
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

Permission Errors

  • "Permission denied" usually means wrong permissions
  • Run chmod commands above to fix
  • Common issue with newly created keys

Key Security

danger

Never share your private key with anyone.

Protecting Private Keys

  • Store in secure location (~/.ssh/)
  • Don't commit to version control
  • Don't email or upload
  • Use passphrase for extra protection
  • Regularly rotate keys
  • Delete old unused keys

Troubleshooting Connection Issues

Cannot Connect to Instance

Check Prerequisites

  1. Is instance running? Check status in dashboard
  2. Do you have the correct IP address?
  3. Do you have the correct private key?
  4. Is the private key in correct location?
  5. Are file permissions correct?

Common Errors

"Permission denied (publickey)"

  • Private key doesn't match public key
  • Public key not added to instance
  • Wrong key file specified
  • File permissions wrong (should be 600)
  • Wrong username for OS

Solution:

# Verify key permissions
ls -la ~/.ssh/my-key.pem
# Should show: -rw------- (600)

# Re-add public key to instance
ssh-copy-id -i ~/.ssh/my-key.pem user@instance-ip

"Connection refused"

  • SSH service not running on instance
  • Port 22 not open in security group
  • Wrong port specified
  • Instance is stopping/starting

Solution:

  • Check security group allows port 22
  • Restart SSH service if you have console access
  • Wait if instance is starting up
  • Verify correct IP address

"Connection timeout"

  • Network connectivity issue
  • Security group blocking traffic
  • Instance is down or unreachable
  • IP address incorrect

Solution:

  • Check instance status in dashboard
  • Verify security group rules
  • Check your network firewall
  • Use console to troubleshoot
  • Verify correct IP address

"Host key verification failed"

  • First time connecting to new instance
  • Host key not in known_hosts file
  • Host key changed

Solution:

  • Type yes when prompted
  • Host key will be saved
  • Future connections won't prompt

SSH Key Issues

"Permission denied" with correct key

  1. Verify correct private key:

    ssh-keygen -l -f ~/.ssh/key.pem

  2. Verify public key on instance:

    cat ~/.ssh/authorized_keys

  3. Add public key if missing:

    ssh-copy-id -i ~/.ssh/key.pem user@instance-ip

Lost Private Key

  • If key is lost, you can't connect
  • Use console access instead
  • Request new instance if needed
  • Generate new key pair for future instances

Network Issues

Cannot Reach Instance IP

  1. Check instance has public IP (if needed)
  2. Verify security group allows SSH (port 22)
  3. Check your firewall isn't blocking
  4. Test from another network if possible
  5. Use instance console to troubleshoot

Latency or Slow Connection

  1. Check network conditions
  2. Try different network (if possible)
  3. Reduce screen size if high latency
  4. Use SCP with -C flag for compression
  5. Restart instance if very slow

Security Best Practices

  1. Protect Private Keys

    • Never share with others
    • Use strong passphrases
    • Store securely
    • Regular backups

  2. Use SSH Keys Instead of Passwords

    • More secure than passwords
    • Can't brute-force SSH keys
    • Required for automation

  3. Regular Key Rotation

    • Create new keys periodically
    • Remove old unused keys
    • Maintain audit trail

  4. SSH Configuration

    • Disable password authentication
    • Change SSH port (optional)
    • Use fail2ban for bruteforce protection
    • Restrict SSH to specific IPs if possible

  5. Monitoring

    • Monitor SSH logs for failed attempts
    • Alert on successful connections from new IPs
    • Review authorized_keys regularly

Advanced SSH Features

SSH Config File

Create ~/.ssh/config

Host my-instance
    HostName 54.123.45.67
    User ec2-user
    IdentityFile ~/.ssh/my-key.pem
    StrictHostKeyChecking accept-new
    UserKnownHostsFile ~/.ssh/known_hosts

Connect using alias:

ssh my-instance

Port Forwarding

Local Port Forwarding

# Access remote database locally
ssh -i key.pem -L 3306:localhost:3306 user@instance-ip

Remote Port Forwarding

# Make local service accessible to instance
ssh -i key.pem -R 8080:localhost:8080 user@instance-ip

SFTP for File Management

# Interactive file transfer
sftp -i key.pem user@instance-ip

# Commands available:
# get file.txt          - download
# put file.txt          - upload
# ls                    - list files
# cd path               - change directory
# exit                  - quit

Next Steps