Session Manager can be configured to connect to remote instance using Secure Shell(SSH) without opening inbound port or maintaining bastion host. You can also copy files between local and remote machine using Secure Copy Protocol(SCP). This feature uses public SSM document AWS-StartSSHSession.
Review SSM Document
Launch an EC2 Instance
Configure ssh proxy command
Browse to the AWS Cloud9 IDE and type the following command
Add below proxy command and save the file (to save, type CTRL-X, type Y and hit Enter).
host i-* mi-*
ProxyCommand sh -c "aws ssm start-session --target %h --document-name AWS-StartSSHSession --parameters 'portNumber=%p'"
Run the following command to provide adequate permissions to the file.
chmod 600 ~/.ssh/config
SSH to EC2 instance
ssh -i MyKeyPair.pem ec2-user@[INSTANCE-ID] to ssh to the instance session-manager-demo-linux-ssh using PEM file generated during instance launch. Type
yes and press enter to confirm.
exit on terminal to terminate the session.
This video has no audio