How can I use SSH to connect to my Linux Amazon WorkSpaces?

4 minute read
0

I can't use the Amazon WorkSpaces client to connect to my Linux WorkSpace. Or, I want to use the AWS Command Line Interface (AWS CLI) with my Linux WorkSpace.

Resolution

To use SSH to connect to your Linux WorkSpace, identify the WorkSpace IP address and username and the NetBIOS name of your directory. Then, use Linux or PuTTY to connect to your WorkSpace.

Note: If you receive errors when you run AWS CLI commands, then see Troubleshoot AWS CLI errors. Also, make sure that you're using the most recent AWS CLI version.

Find the WorkSpace IP address and username

To find the WorkSpace IP address and username, complete the following steps:

  1. Open the Amazon WorkSpaces console.
  2. From the navigation pane, choose WorkSpaces.
  3. Choose the arrow next to your WorkSpace to expand the WorkSpace details. Note the WorkSpace IP and the Username.

Note: The WorkSpace IP is the private IP address of the WorkSpace. The private IP address is required to associate the elastic network interface with the WorkSpace. You can then retrieve information, such as the security group or public IP address that's associated with the WorkSpace.

Add a rule

To add a rule to to your network interface, complete the following steps:

  1. Open the Amazon Elastic Compute Cloud (Amazon EC2) console.
  2. In the navigation pane, choose Network Interfaces.
  3. In the search bar, enter the WorkSpace IP address.
    Important: If you plan to connect to the WorkSpace from outside your virtual private cloud (VPC), then note the IPv4 Public IP address.
  4. Choose the link that's under the Security groups column.
  5. Choose the Inbound tab, and then choose Edit.
  6. Choose Add Rule, and then enter the following values:
    Type: SSH
    Protocol: TCP
    Port Range: 22
    Source: If you connect from outside the VPC, choose My IP, and then enter the IP address for each remote machine. Otherwise, choose Custom, and then enter the private IP address of another Amazon EC2 instance in the same VPC.
    Important: Don't enter 0.0.0.0/0 or allow IP addresses that don't need access.
    Description: Enter a description for your rule.
  7. Choose Save.

Find the NetBIOS name of your directory

To find the NetBIOS name of your directory, complete the following steps:

  1. Open the Directory Service console.
  2. Choose the Directory ID link for your directory.
  3. Note the Directory NetBIOS name.

Connect to your Linux WorkSpace

To connect to your Linux Workspace, complete the following steps based on your method.

Note: For Amazon Linux 2 WorkSpaces launched after November 10, 2023, SSH password authentication is turned of by default. For more information, see Password-based authentication in Amazon Linux 2 WorkSpaces.

Linux

To use Linux to connect to your Linux WorkSpace, complete the following steps:

  1. Run the following command:

    ssh "NetBIOS_NAME\Username"@WorkSpaceIP

    Note: Replace NetBIOS_NAME, Username, and WorkSpaceIP with your values.
    In the following example, the NetBIOS_NAME is testcompany. The Username is testuser, and the WorkSpaceIP is 123.456.789.10.

    ssh "testcompany\testuser"@123.456.789.10
  2. When prompted, enter the same password that you use when you authenticate with the WorkSpaces client. This is your Active Directory password.

PuTTY:

To use PuTTY to connect to your Linux WorkSpace, complete the following steps:

  1. In the PuTTY configuration window, enter the following values:
    For Host Name (or IP address), enter the following command:
    NetBIOS_NAME\Username@WorkSpaceIP
    Note: Replace NetBIOS_NAME, Username, and WorkSpaceIP with your values.
    For Port, enter 22.
    For Connection type, choose SSH.
  2. Choose Open.
  3. When prompted, enter the same password that you use when you authenticate with the WorkSpaces client. This is your Active Directory password.

Note: It's a best practice to use this method only when you connect to a WorkSpace for troubleshooting purposes. After you complete your troubleshooting steps, remove the inbound rule that you added.

Related information

Amazon EC2 security groups for Linux instances

AWS OFFICIAL
AWS OFFICIALUpdated 8 months ago