Opening SSH to AWS-hosted Linux servers via mRemoteNG

mRemoteNGmRemoteNG is nice and lightweight tabbed session manager. It is a perfect fit to manage your remote server farm with both Windows and Linux machines, since it supports multiple connection protocols out of the box – including SSH and RDP (yet, you may need to update your older Windows client to run newer RDP version).

However, connecting to Linux instances that run on AWS requires a bit more than just SSH client. As you probably know, Linux EC2 instances have password authentication disabled by default to prevent brute-force attacks and want you to supply your private key instead. But there is no such field in mRemoteNG configuration pane! So, how can you configure it to send your private key instead of password?

It appears that mRemoteNG relies on embedded PuTTY to provide SSH support. In turn, PuTTY by itself is able to work with private keys authentication required by AWS. Here is the detailed explanation about the configuration steps.

Step 1 – Prepare PPK file

First of all, you’ll need to convert your private key from PEM format provided by AWS to PPK format supported by PuTTY. Standalone PuTTY installations usually come bundled with PuTTYgen utility that can do the job for you, so if you already have one – feel free to find it somewhere under Start Menu. Otherwise, you can grab fresh PuTTYgen copy directly from PuTTY download page.

1. Open PuTTYgen and import your PEM file via “Conversions” => “Import key” menu.

PuTTYgen Import

2. (Optional) Provide some meaningful comment in “Key comment” field so you’ll be able to recall the source of this key.

3. (Optional) Provide and confirm passphrase for additional security. You can skip this step and ignore the warning during the save operation if you are not paranoid enough 🙂

4. Save this key in PPK format via “Save private key” button. Now you are ready to the next step.

PuTTYgen Save

Step 2 – Prepare PuTTY session

1. Open mRemoteNG and go to “Tools” => “Options” menu.

2. In the Options dialog, select “Advanced” section and click on “Launch PuTTY” button on the right.

mRemoteNG Launch PuTTY

3. In embedded PuTTY configuration window go to “Connection” => “SSH” => “Auth” node in the tree on the left.

4. In the bottom-right, browse for the PPK file you prepared in the step 1.

PuTTY Auth

5. Now go to “Session” node, provide some name in the “Saved Sessions” edit box (for example, “AWS”) and click “Save”.

PuTTY Save

6. Close PuTTY configuration window and mRemoteNG options dialog. Your PuTTY session is now ready.

Step 3 – Configure mRemoteNG

Now all that you have to do is to inform mRemoteNG to use your fresh PuTTY session in SSH connections to AWS.

mRemoteNG Session

Credits go to this Nick Hardman’s post that helped me to connect things together!

31 thoughts on “Opening SSH to AWS-hosted Linux servers via mRemoteNG

  1. Thanks for the namecheck, Anton. I appreciate it.

    I see you work on one of the big three cloud providers (Azure, as opposed to Amazon and Google). I hope you keep on producing the howtos here – I am no Azure expert (hey, can’t know everything, right?) and I rely on articles like yours when I get stuck.

  2. Dude!! You are the best!!! Your post was exactly what I was looking for and you did an awesome jobs explaining and including pictures.
    It was so easy to configure mRemoteNG with pem I’ve got from AWS
    Thank you so much!
    Gracias from Spain

  3. Exactly what I needed, thanks so much for writing this. Surprised there’s no way to load private keys directly into mRemoteNG.

  4. Hi

    Thanks for the steps. Very helpful.

    Is there a way if i have a jumpserver/gateway server to use before login to AWS server

    I have set my putty to connect to jump server with key, but again i have to do ssh from jump server to aws server and sudo to the user.

    1. To use a jumphost, use ssh from your local host to run a command on the jumphost; the command you run is “ssh user@wherever”, with “wherever” being your final destination and “user” being the user you will be logging into the final destination as. You will need the appropriate keys on the jumphost of course.

      If your jumphost is Windows, investigate “plink.exe” which is pretty much a command line ssh client for Windows.

      From a linux host to an EC2 instance via a jumphost on the command line:

      ssh youLocal@jumphost ssh youRemote@finalHost

      Depending on the jumphost and the final destination you may need some ssh options. For example, do this if it complains about stdin not being a terminal:

      ssh -t youLocal@jumphost ssh youRemote@finalHost

      You can make these chains as long as you like, but remember each hop adds a layer of encryption, so your payloads are getting smaller 🙂 And try to use ssh-agent, otherwise you will be typing a lot of passwords.

      Regards, K.

  5. Just wanted to add, i had putty configured separately to start, with username@aws.publicdns.com.

    Delete that out of Putty, just save the session with the key info.

    In RemoteNG just use ‘username’ in the username field, not ‘username@aws.publicdns.com’

  6. Thanks a lot for the help. I was wondering how can I connect with a ssh key for sometime now.

  7. I’ve even realised why I wasn’t able to configure keep-alive properly in mRemoteNG. Thanks a million!

  8. thanks , that is and old post , but still have some issue when try to connect via mRemoteNg. I found my pkk private key is not save properly in advanced option. every time I save the putty and came back to setting private key is not there! ,anyone had issue like thie?

  9. Which file does mRemoteNG save private keys? I want to have the file shared by mRemoteNG on different machine.

    1. Back in 2013 mRemoteNG was relying on PuTTY, and judging by recent comments on this post it still does 🙂
      I’m not sure this data is readily exposed, though, but googling on how PuTTY handles that is probably the way to go.

Leave a Reply