4 min read · Dec 15, 2023
Ever faced the nightmare of losing your EC2 key pair? Fear not! I’ve got you covered with a foolproof guide on connecting to your EC2 instance without the need for a key pair. 🔐💻
For every EC2 instance we create, we select a key pair that is then used for SSH access to the instance.
🔑❓ What if you lose the key pair? 🤔 Don’t worry, I’ve got you covered! 🛡️💻
Yes, you are in the right place for the solution. You can connect to an EC2 instance without a key pair.
In this step-by-step blog post, I walk you through the process, ensuring a secure and hassle-free connection. No more worrying about misplaced keys or security concerns. Let’s dive in:
* Security group with only port 22 allowed for a Linux EC2 instance, or port 3389 for a Windows EC2 instance
* EC2 instance
* VPC endpoint
This VPC endpoint has to be created in the VPC where the EC2 instance resides.
Let's see how to create the VPC endpoint.
Before proceeding to create the VPC endpoint, note down the VPC in which the EC2 instance is created.
Navigate to the AWS VPC console >> Endpoints >> Create endpoint
Enter the Name of the VPC endpoint: my-test-endpoint
Service Category: EC2 Instance Connect Endpoint
Choose the VPC ID of the EC2 instance
Specify the security groups to associate with the endpoint network interface. The security group rules control the traffic to the endpoint network interface from resources in your VPC.
To uphold security best practices, I have created a security group “endpoint-sg” with access to port 22 from my IP.
Select the subnet in which to create the endpoint.
Note: You can create the endpoint in any AZ within the region.
The initial status will be Pending. Wait until it becomes Available.
Once the endpoint is Available, proceed to connect to the EC2 instance.
Navigate to the AWS EC2 console.
Select the EC2 instance to connect with >> Click Connect
Make sure the instance you are connecting to is the correct one.
Connection Type: Connect using EC2 Instance Connect Endpoint
Username: ec2-user for Amazon Linux or ubuntu for Ubuntu OS
Max Tunnel duration: 3600 (default) — SSH access stays open and active for up to this duration
EC2 Instance Connect Endpoint — Select the endpoint that we have created “my-test-endpoint”
Click on Connect
You will see a message that the connection is being established, and then that you are connected.
Hurray!! You are connected to the EC2 instance without a keypair.
To uphold security best practices, I created the security group with least-privilege access: only port 22 is allowed, and only from my present IP.
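One way to check that a security group really matches the rule described above (one port, one source address), as an added example that is not part of the original post. It reads rules in the shape returned by `aws ec2 describe-security-groups`; the sample groups, IDs and addresses are constructed, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample in the shape returned by `aws ec2 describe-security-groups`.
# "endpoint-sg" is the name used in the post; IDs and addresses are placeholders.
SAMPLE_GROUPS = [
    {"GroupId": "sg-0aaa", "GroupName": "endpoint-sg", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-0bbb", "GroupName": "too-open-sg", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": []},
        {"IpProtocol": "-1",
         "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
]


def audit_group(group, allowed_port=22, max_hosts=1):
    """Return findings for inbound rules wider than one port from one address."""
    findings = []
    for perm in group.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        lo, hi = perm.get("FromPort"), perm.get("ToPort")
        if proto == "-1":  # "-1" means every protocol and every port
            findings.append("all protocols and ports allowed")
        elif proto != "tcp" or (lo, hi) != (allowed_port, allowed_port):
            findings.append(f"unexpected {proto} ports {lo}-{hi}")
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            net = ipaddress.ip_network(cidr, strict=False)
            if net.num_addresses > max_hosts:
                findings.append(f"source {cidr} covers {net.num_addresses} addresses")
    return findings


def audit_all(groups, allowed_port=22):
    """Map each group name to its findings; an empty list means it passes."""
    return {g["GroupName"]: audit_group(g, allowed_port) for g in groups}


if __name__ == "__main__":
    for name, findings in audit_all(SAMPLE_GROUPS).items():
        print(name, "OK" if not findings else findings)
```

For a Windows instance, pass `allowed_port=3389` instead of the default 22.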