Opening SSH to AWS-hosted Linux servers via mRemoteNG

mRemoteNG is a nice, lightweight tabbed session manager. It is a perfect fit for managing a remote server farm with both Windows and Linux machines, since it supports multiple connection protocols out of the box, including SSH and RDP (you may need to update an older Windows client to run a newer RDP version, though).

However, connecting to Linux instances that run on AWS requires a bit more than just an SSH client. As you probably know, Linux EC2 instances have password authentication disabled by default to prevent brute-force attacks and want you to supply your private key instead. But there is no such field in the mRemoteNG configuration pane! So, how can you configure it to send your private key instead of a password?

It turns out that mRemoteNG relies on an embedded PuTTY to provide SSH support. PuTTY, in turn, is able to work with the private key authentication required by AWS. Here is a detailed explanation of the configuration steps.


How to configure iptables to allow incoming web traffic

One day you need to enable a web server on your Linux box. The steps look simple: turn on httpd, put some content under the web root directory, and you are done. A quick test via “telnet localhost 80” assures you that the server is up, and you go on to test it in a browser from another machine… Nothing! In the best case (Google Chrome) you will get “Error 109 (net::ERR_ADDRESS_UNREACHABLE)”… Actually, this is a good hint that the HTTP port on your fresh web server is blocked by the internal firewall (on Linux it is typically “iptables”). BTW, another test that can give you an additional indication is to try to connect to the external IP address using telnet from inside the server.

The solution is very simple: add the HTTP port to the list of allowed ports in the iptables configuration. There are many tutorials that explain how to do it via the command line:

iptables -I INPUT -p tcp --dport 80 -j ACCEPT

…but those changes will not survive a VM reboot. The right way is to edit the iptables configuration file “/etc/sysconfig/iptables” directly (see example for RedHat-based systems below).
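When editing the file by hand, rule order matters: iptables stops at the first matching rule, so an ACCEPT line placed after the catch-all REJECT never takes effect. The following check is an added example, not code from the original post; the ruleset in `sample_rules` is constructed, and `port_status` is a hypothetical helper that only looks at simple `--dport` rules in the INPUT chain.

```shell
#!/bin/sh
# Constructed sample in the iptables-save format used by
# /etc/sysconfig/iptables (not taken from the original post).
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# port_status PORT: reads a ruleset on stdin and prints "open" if a TCP
# ACCEPT rule for PORT appears in INPUT before the first unconditional
# REJECT/DROP, otherwise "blocked". Simplification (assumption): source,
# interface and state matches and user-defined chains are ignored.
port_status() {
    awk -v port="$1" '
        $1 == ":INPUT" { policy = $2 }
        $1 == "-A" && $2 == "INPUT" {
            # Catch-all terminator, e.g. "-A INPUT -j REJECT ..."
            if ($3 == "-j" && ($4 == "REJECT" || $4 == "DROP")) {
                print "blocked"; done = 1; exit
            }
            accept = 0; tcp = 0; match_port = 0
            for (i = 3; i <= NF; i++) {
                if ($i == "-p" && $(i + 1) == "tcp") tcp = 1
                if ($i == "--dport" && $(i + 1) == port) match_port = 1
                if ($i == "-j" && $(i + 1) == "ACCEPT") accept = 1
            }
            if (accept && tcp && match_port) { print "open"; done = 1; exit }
        }
        # No rule decided: the chain policy applies.
        END { if (!done) print (policy == "ACCEPT" ? "open" : "blocked") }
    '
}

sample_rules | port_status 80
```

On a real host the same function can be fed the edited file, for example `port_status 80 < /etc/sysconfig/iptables`, before the firewall service is restarted.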
