Skip to main content

Create a Linux EC2 Instance in AWS and Connect Using SSH

Hands-On Lab


Photo of Tia  Williams

Tia Williams

AWS Training Architect II in Content





This hands-on lab will walk you through the process of configuring a Linux EC2 instance and connecting to that instance using SSH. In the lab, we will be using a Mac terminal to connect via SSH. If you are using Windows, please refer to the lesson on connecting to an EC2 instance using SSH from a Windows PC. It will provide information on how to connect to an EC2 instance using PuTTY.

What are Hands-On Labs?

Hands-On Labs are scenario-based learning environments where learners can practice without consequences. Don't compromise a system or waste money on expensive downloads. Practice real-world skills without the real-world risk, no assembly required.

Create a Linux EC2 Instance in AWS and Connect Using SSH

Log in to the AWS Console with the credentials on the Linux Academy hands-on lab page, and then navigate to the VPC Dashboard.

Security Groups

Let's navigate to Security Groups, and we'll see one sitting there. Looking at the rules (in the lower part of the screen), we'll see all traffic is allowed in and out. This needs to be changed a bit, since we don't want all traffic coming in. In the Inbound Rules tab, click the Edit rules button. The rule currently has All traffic selected in the Type column. Select SSH instead. Then over in the Source column, enter

While we're here, add another rule that's exactly the same, except for the Type being HTTP. Click the Save rules button.

Set Up the EC2 Instance

Select an AMI

Navigate to the EC2 Dashboard. Once we're here, let's click the Launch Instance button. We'll land on a screen with a list of AMIs (Amazon Machine Images) to choose from, and the one we want is going to be called something like Amazon Linux AMI. Be careful not to pick the Amazon Linux 2 AMI.

Click the Select button, then on the next screen leave the t2.micro row selected. Click the Next: Configure Instance Details button down in the lower right of the screen.

Configure AMI Details

Here, we're going to leave Network and Subnet alone. The choices that are already populated here are fine. But in the Auto-assign Public IP dropdown, we need to select Enable. We can leave the rest of the form alone, and scroll down. Click the arrow next to Advanced Details. In the User data box, we're going to paste a little Bash script:

yum update -y
yum install -y httpd
service httpd start

We're finished here, so let's click Next: Add Storage and move on. And since we're not making any changes here, we can click on the Next: Add Tags button.

Add Tags

There's another button we need to click on this screen: Add Tag. We need to enter a Key (something simple, like Name) and a Value (again, a simple name like Webserver works), and then click Next: Security Group in the lower right of the screen.

Configure the Security Group

On this next screen, in the Assign a security group section, we want to Select an existing security group, and then select the box next to our existing one that has shown up in the lower portion of the screen.

Launch It

Click the Review and Launch button and then the Launch button. Now we're greeted with a window about key pairs. In the first dropdown, select Create a new key pair and name it something like ec2_linuxla. Click the Download Key Pair button to get the pem file.

Once we click Launch Instances, we'll land on a screen telling us our instance is launching. We can click the View Instances button to watch for when ours goes from a pending to a running status.

Log in with SSH

If you are connecting from a windows computer, please see the lesson on Creating a Linux Instance and using Putty to SSH if you are unsure how to SSH from a Windows Computer: or see

Open a terminal window. Before we can log in, we have to change permissions on our pem file. Assuming it landed in our Downloads directory, run this:

[user@host]$ chmod 400 ~/Downloads/ec2_linuxla.pem

Once that's done, we can log in to our EC2 instance. Grab the public IP of our instance from the Instances page (the one we were watching for our instance status) and run this command, substituting x.x.x.x with the actual public IP:

[user@host]$ ssh -i ~/Downloads/ec2_linuxla.pem ec2-user@x.x.x.x

We can type yes at the prompt about our host's authenticity not being established. We should get right in.

Test HTTP Access

Take that same public IP and paste it into a browser to see what happens. We should see the Amazon Linux AMI Test Page.


You're all set. Congratulations on completing this lab!