I always shuddered when I had to do some SFTP or SSH work with a Linux box hosted on Amazon EC2. Instead of giving me the familiar username/password mechanism for authentication, they require certificate-based authentication out of the box.
The command line was easy enough to remember: just pass in “-i” and the name of your PEM file from Amazon. The bigger challenge came when I wanted to leverage tools such as FileZilla and TextWrangler on my Mac.
After a little research, I found SSH's “~/.ssh/config” file to be just the right deal.
Let’s say I have a Linux box by the name of ec2-fakedns-name.amazonaws.com, and a user name of ubuntu. Let’s also say that I received and downloaded a key file named MySuperSecretKey.pem.
All I need to do is edit (or create) the “~/.ssh/config” file.
For each Amazon server, I add an entry similar to the following:
Host fakeServer
    HostName ec2-fakedns-name.amazonaws.com
    User ubuntu
    IdentityFile /Users/john.andersen/MySuperSecretKey.pem
TextWrangler
Now, to connect via TextWrangler, I create a bookmark with the following settings:
When I click on that bookmark, it will take me right into the fakeServer File System.
ssh and sftp
With the .ssh/config file set up, you can easily use the terminal to connect to your server.
The SSH command goes from:
ssh -i ~/MySuperSecretKey.pem ubuntu@ec2-fakedns-name.amazonaws.com
to this simple statement:
ssh fakeServer
The same applies to the “sftp” command as well.
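OpenSSH ignores a private key file that group or other users can access, so each IdentityFile named in the config should be owner-only (for example, mode 400). The check below is an added example, not part of the original post; the helper names list_identity_files and check_identity_files are hypothetical.

```shell
#!/bin/sh
# Added example: audit the private keys named in an OpenSSH client config.
# list_identity_files / check_identity_files are hypothetical helper names.

# Print each IdentityFile path in the config, one per line. Keywords are
# case-insensitive and may be separated from the value by spaces or "=".
list_identity_files() {
    awk '{
        line = $0
        sub(/^[ \t]+/, "", line)
        if (tolower(line) !~ /^identityfile[ \t=]/) next
        sub(/^[^ \t=]+[ \t]*=?[ \t]*/, "", line)   # drop the keyword
        sub(/[ \t]+$/, "", line)
        gsub(/"/, "", line)                        # drop optional quotes
        print line
    }' "$1"
}

# Return 0 if every key exists and is owner-only, 1 if any is missing or
# accessible by group/others, 2 if the config cannot be read.
check_identity_files() {
    cfg=${1:-$HOME/.ssh/config}
    [ -r "$cfg" ] || { echo "cannot read $cfg" >&2; return 2; }
    list_identity_files "$cfg" | (
        rc=0
        while IFS= read -r key; do
            case $key in "~/"*) key=$HOME/${key#"~/"} ;; esac
            if [ ! -f "$key" ]; then
                echo "MISSING $key"; rc=1; continue
            fi
            # Characters 5-10 of the ls mode string are the group and
            # other permission bits; all must be "-" for an owner-only key.
            mode=$(ls -ldL "$key" | cut -c1-10)
            if [ "$(printf '%s' "$mode" | cut -c5-10)" = "------" ]; then
                echo "OK      $key ($mode)"
            else
                echo "LOOSE   $key ($mode): fix with chmod 400"
                rc=1
            fi
        done
        exit "$rc"
    )
}

# Usage: check_identity_files [config]   (defaults to ~/.ssh/config)
```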
FileZilla
Now for FileZilla, you have to follow a slightly different path, as it does not seem to honor the “.ssh/config” identities.
Inside FileZilla, go to your settings page and select “SFTP”. Then click the “Add keyfile…” button.
Browse to, and select the PEM file that Amazon provided you.
FileZilla runs on the PuTTY key libraries, which do not honor PEM directly. So, it will throw an error on the screen saying that it needs to convert the file to a supported format. Click Yes to allow it to create a PPK file. Set a location for the new PPK file when prompted.
Finally, hit OK.
Now, when you set up FileZilla to open up your server, it will attempt to authenticate with the key(s) in its keyfile list. If it is successful, a connection will be established.