How can I access my Amazon EC2 Mac instance through a GUI?


I have an Amazon Elastic Compute Cloud (Amazon EC2) macOS instance on a dedicated host. I want to access the instance through a GUI so that I can have the premier experience of the macOS environment.

Resolution

Note: The following steps are tested for macOS Mojave 10.14.6 and macOS Catalina 10.15.7.

1.    Connect to your EC2 macOS instance using SSH.

Linux

Use the following command to connect over SSH to your EC2 macOS instance as ec2-user. Replace keypair_file with your key pair and Instance-Public-IP with the public IP of your instance.

% ssh -i keypair_file ec2-user@Instance-Public-IP

Windows

Windows 10 and newer versions of Windows Server have an OpenSSH client installed by default. Or, you can activate the OpenSSH client by selecting Settings, Apps, Apps & features, Manage optional features, Add a feature, and then selecting OpenSSH Client. If you're using an older version of Windows, then use Git Bash to run the preceding command.

Note: You can make the instance accessible through a public IP address or an Elastic IP address while it's in a public subnet. In this case, use a bastion or jump server to connect to the instance. Or, you can establish a connection using AWS VPN or AWS Direct Connect that allows you to access your instance through a private IP. For security reasons, traffic to the VNC server is tunneled using SSH. It's a best practice to avoid opening VNC ports in your security groups.

2.    Run the following commands on the macOS instance to enable and start VNC (macOS Screen Sharing):

sudo defaults write /var/db/launchd.db/com.apple.launchd/overrides.plist com.apple.screensharing -dict Disabled -bool false
sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.screensharing.plist

3.    Run the following command to set a password for ec2-user:

sudo /usr/bin/dscl . -passwd /Users/ec2-user

4.    Create an SSH tunnel to the VNC port. In the following command, replace keypair_file with your SSH key path, and replace 192.0.2.0 with your instance's IP address or DNS name:

ssh -i keypair_file -L 5900:localhost:5900 ec2-user@192.0.2.0

Note: Keep the SSH session running while you're in the remote session.

5.    Using a VNC client, connect to localhost:5900.

Note: macOS has a built-in VNC client. For Windows, you can use RealVNC Viewer for Windows. For Linux, you can use Remmina. Other clients, such as TightVNC running on Windows, don't work with this resolution.

For macOS: To access the VNC viewer, open Finder, select Go, and then select Connect to Server. Or, use the keyboard shortcut CMD + K. Then, enter the following in the Server Address field:

vnc://localhost:5900

For Windows: Using the RealVNC Viewer client, connect to the macOS host over the SSH Local Port Forwarding tunnel. Select New Connection from the File drop-down menu. Then, complete the following fields:

VNC Server: localhost:5900
Encryption: Let VNC Server Choose

Then, select OK.

Note: If you experience authentication errors with RealVNC, then set Encryption to Prefer On or Prefer Off until one of those settings works.

6.    The GUI of the macOS launches. Connect to the remote session of the macOS instance as ec2-user using the password that you set in step 3.

You're now logged in to your macOS desktop.


Related information

How do I install a GUI on my Amazon EC2 instance running Amazon Linux 2?

AWS OFFICIAL
Updated a year ago