![Page 1: Amazon AWS Tutorial II: Windows and Linux on EC2compmed/workshop2011/talks/17b.pdf · Amazon AWS Tutorial II: Windows and Linux on EC2 Shuang Luan Department of Computer Science Department](https://reader031.vdocuments.us/reader031/viewer/2022030503/5aaff7e17f8b9a25088e229c/html5/thumbnails/1.jpg)
Amazon AWS Tutorial II:
Windows and Linux on EC2
Shuang Luan
Department of Computer Science
Department of Radiology
University of New Mexico
Amazon EC2 Getting Started
• Official Website: http://aws.amazon.com/ec2
• Sign up (credit card information required).
• Launch Instance
– http://aws.amazon.com/console/
– Username: [email protected]
– Password:
Overview
• Understanding AMI (Amazon Machine Image)
• Launching, using and shutting down a
Windows instance.
• Launching, using and shutting down a Linux
instance.
What is an AMI
• A computer cannot run without first loading software, but it must be running before any software can be loaded, which seems as impossible as to "pull yourself up by your own bootstraps."
IBM PC Bootstrapping
• Upon starting, an x86 CPU runs the instruction
located at the memory location CS:IP
F000:FFF0 of the BIOS, which is located at
the 0xFFFF0 linear address.
• This memory location typically contains a
jump instruction that transfers execution to the
location of the BIOS start-up program.
IBM PC Bootstrapping (cont.)
• The BIOS program runs a power-on self test
(POST) to check and initialize required
devices and then goes through a list of non-
volatile storage devices until it finds one that is
bootable.
• A bootable device is defined as one that can be
read from, and the last two bytes of the first
sector contain the word 0xAA55 (also known
as the boot signature).
IBM PC Bootstrapping (cont.)
• Once the BIOS has found a bootable device, it loads the boot sector to hexadecimal Segment:Offset address 0000:7C00 or 07C0:0000 (both map to the same ultimate address) and transfers execution to the boot code.
System Image
• A system image is a copy of the entire state of
a computer system.
• A system is said to be capable of using system
images if it can be shut down and later restored
to exactly the same state.
• E.g., hibernation
Virtualization
• Hardware virtualization or platform
virtualization is the creation of a virtual
machine that acts like a real computer with an
operating system.
• Software executed on these virtual machines is
separated from the underlying hardware
resources.
• For example: Virtual PC, VMware, VirtualBox.
Amazon Machine Image
• A special type of virtual machine.
• The main component of an AMI is a read-only
file system image which includes an operating
system (e.g., Linux, UNIX, or Windows) and
any additional software required to deliver a
service or a portion of it.
Thus …
• In order to use Amazon EC2, one needs to:
– Select the virtual hardware.
– Pick an AMI to run on the virtual hardware.
– Associate security credentials in order to log in to
the virtual machine.
Overview
• Understanding AMI (Amazon Machine Image)
• Launching, using, and shutting down a
Windows instance.
• Launching, using, and shutting down a Linux
instance.
Region Selection
• Amazon has four regions. Each region should be viewed as totally separate from the others, i.e., with different images, key pairs, and so on.
Launch a Windows Instance
Choose an AMI
Launch Instance
Advanced Instance Options
Tags
EC2 Tag
• Each EC2 tag consists of a key and a value, both of which the user defines.
• Tag keys and values are case sensitive.
• The prefix AWS is reserved.
• AWS doesn't apply any semantic meaning to
your tags; they're interpreted strictly as strings
of characters. AWS doesn't automatically set
any tags on resources.
Key Pair for Accessing the Instance
Key Pair File
Public Key System
Key Idea
RSA Public Key System
• Developed by Ron Rivest, Adi Shamir, and Len Adleman in 1977; they later shared the 2002 Turing Award.
• The idea of the RSA system is based on number theory, in particular the factorization of large numbers.
Number Theory behind RSA
Let $p$ and $q$ be distinct primes and $k$ any integer. Then:
(a) For any integer $a$ with $\gcd(a, pq) = 1$, $a^{k(p-1)(q-1)} \bmod pq = 1$.
(b) For any integer $a$, $a^{k(p-1)(q-1)+1} \bmod pq = a$.
Example
$p = 5$, $q = 7$, $a = 19$
$\gcd(a, pq) = 1$
$k = 3$: $a^{k(p-1)(q-1)} = 19^{3 \times 4 \times 6} = 19^{72} = 1.1755991641121183246595167229728 \times 10^{92}$
$a^{k(p-1)(q-1)} \bmod pq = 1$
$a^{k(p-1)(q-1)+1} = 19^{3 \times 4 \times 6 + 1} = 19^{73} = 2.2336384118130248168530817736483 \times 10^{93}$
$a^{k(p-1)(q-1)+1} \bmod pq = 19$.
How to use the theorem?
• Suppose we have two primes p and q.
– $m = pq$
– $n = (p-1)(q-1)$
– $s$: $\gcd(s, n) = 1$
• Announce m and s.
• Encoding
– Someone wants to send me a message a.
– Encryption rule: send me $b = a^{s} \bmod m$
• Decoding:
– $\gcd(s, n) = 1$, then $ts + kn = 1$
– $b^{t} \bmod m = (a^{s})^{t} \bmod m = a^{-kn+1} \bmod m = a$
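The theorem and the encode/decode rule above, carried through with exact integers. This is an added example, not part of the original slides: it keeps the slides' symbols (p, q, m, n, s, t, a, b), while the larger primes 61 and 53, the exponent s = 17 and the message 65 are constructed sample values. It also goes one step beyond the slides by showing that anyone who can factor the announced m can recompute t, which is why real keys use primes far too large for this.

```python
from math import gcd, isqrt


def extended_gcd(x, y):
    """Return (g, u, v) with u*x + v*y == g == gcd(x, y)."""
    old_r, r = x, y
    old_u, u = 1, 0
    old_v, v = 0, 1
    while r:
        quo = old_r // r
        old_r, r = r, old_r - quo * r
        old_u, u = u, old_u - quo * u
        old_v, v = v, old_v - quo * v
    return old_r, old_u, old_v


def check_theorem(p, q, a, k):
    """Evaluate parts (a) and (b) of the theorem without floating point.

    Returns (part_a, part_b). part_a is None when gcd(a, pq) != 1,
    because part (a) makes no claim in that case.
    """
    m = p * q
    exponent = k * (p - 1) * (q - 1)
    part_a = pow(a, exponent, m) if gcd(a, m) == 1 else None
    part_b = pow(a, exponent + 1, m)
    return part_a, part_b


def make_keys(p, q, s):
    """Return (public, private) = ((m, s), (m, t)) in the slides' notation."""
    m = p * q
    n = (p - 1) * (q - 1)
    g, t, _k = extended_gcd(s, n)   # t*s + k*n == g
    if g != 1:
        raise ValueError("s must satisfy GCD(s, n) = 1")
    return (m, s), (m, t % n)       # reduce t into 0..n-1 so it is non-negative


def encode(a, public):
    """Encryption rule from the slide: b = a^s mod m."""
    m, s = public
    if not 0 <= a < m:
        raise ValueError("message must satisfy 0 <= a < m")
    return pow(a, s, m)


def decode(b, private):
    """Decryption rule from the slide: a = b^t mod m."""
    m, t = private
    return pow(b, t, m)


def recover_private_key(public):
    """Recompute t from the announced (m, s) alone by trial-dividing m.

    This only finishes because m is tiny; it is the step that becomes
    infeasible when p and q are large.
    """
    m, s = public
    for p in range(2, isqrt(m) + 1):
        if m % p == 0:
            return make_keys(p, m // p, s)[1]
    raise ValueError("m has no non-trivial factor")


if __name__ == "__main__":
    # The slide's own numbers: p = 5, q = 7, a = 19, k = 3.
    print("theorem (a), (b):", check_theorem(5, 7, 19, 3))
    # Part (b) still holds when a shares a factor with pq.
    print("a = 10:", check_theorem(5, 7, 10, 3))

    # Constructed sample key: p = 61, q = 53, s = 17.
    public, private = make_keys(61, 53, 17)
    b = encode(65, public)
    print("public:", public, "private:", private)
    print("65 ->", b, "->", decode(b, private))
    print("t recovered from (m, s) only:", recover_private_key(public))
```

With the slide's primes, n = 24 and every valid s is its own inverse mod 24, so t equals s; the toy modulus is useful for checking the arithmetic and nothing else.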
Security Rules
Summary
Launched
AWS Console
Retrieve Windows Password
Retrieving Password (cont.)
Retrieving Password (cont.)
After 15 Minutes
Connecting to Windows
Connecting to Windows (cont.)
Connecting to Windows (cont.)
Connecting to Windows (cont.)
Using Windows
Using Windows (cont.)
Terminate Windows Instance
Instance Terminated
Overview
• Understanding AMI (Amazon Machine Image)
• Launching, using and shutting down a
Windows instance.
• Launching, using and shutting down a Linux
instance.
EC2 Tab in the Management Console
Request Instance
Request Instance (cont.)
Request Instance (cont.)
Request Instance (cont.)
Request Instance (cont.)
Request Instance (cont.)
Request Instance (cont.)
Key Pair
• A key pair is a security credential similar to a
password, which you use to securely connect
to your instance once it's running.
Request Instance (cont.)
Secure Shell (SSH)
• Designed to replace Telnet, which sends information, notably passwords, in plaintext.
• Intended to provide confidentiality and
integrity of data over an unsecured network
such as the Internet.
• Uses public-key cryptography to authenticate
the remote computer and the user.
SSH Preparation: Client
• As a user, you generate an “identity” on the client system by running ssh-keygen.
• This program creates a subdirectory $HOME/.ssh and inserts in it two files named identity and identity.pub which contain your private and public keys for your account on the client system.
• This latter file can then be appended to a file $HOME/.ssh/authorized_keys that should reside on any/all servers where you will make ssh connections.
SSH Preparation: Server
• As a system administrator, you generate a public and private key pair for the system itself.
• If someone wants to fake the server, they will have to break into the system and steal its private key.
• The biggest task is collecting and distributing the keys that identify all the hosts which run ssh.
SSH Authentication
• A user attempts to SSH into the server.
• The server sends its PUBLIC KEY to the user.
• The user checks to see if the PUBLIC KEY exists already in its system. If not, the user is warned. Once the user accepts the key, it is added to the trusted list.
• The user uses the server's PUBLIC KEY to encrypt all communications to the server.
• At the initial stage, this would include user name, password.
SSH Authentication (cont.)
• The user also sends its PUBLIC KEY to the server (NOT the same as the server's PUBLIC KEY).
• The server uses its own PRIVATE KEY to decrypt all communications from the user (encrypted using the server's PUBLIC KEY). The server then uses the user's PUBLIC KEY to encrypt all communications to the user.
• The user uses its PRIVATE KEY to decrypt all communications sent by the server (encrypted using the user's PUBLIC KEY).
No Password Authentication
• Client attempts to connect to the server.
• Server checks to see if .rhosts or /etc/hosts.equiv exist (or .shosts and /etc/shosts.equiv).
• Server checks to see if the client's host public key is known (i.e., if it exists in /etc/ssh_known_hosts or ~/.ssh/ssh_known_hosts).
• If found, the server uses the client's public key and generates an encrypted challenge to the client.
• Client decrypts challenge using its host private key and responds.
• Session is authenticated without use of a password.
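The known-key check in the SSH Authentication slides (warn on an unknown key, add it to the trusted list once accepted) and the known-hosts lookup in the No Password Authentication steps both reduce to the same table lookup. The sketch below is an added example, not from the original slides and not OpenSSH's own code: it assumes the OpenSSH `known_hosts` line format (`hosts keytype base64-key`), and the host names and key blobs are constructed placeholders, not real keys.

```python
import base64
import hashlib

# Constructed sample data: placeholder bytes standing in for public-key blobs.
KEY_A = base64.b64encode(b"constructed-host-key-A").decode()
KEY_B = base64.b64encode(b"constructed-host-key-B").decode()
SAMPLE_KNOWN_HOSTS = f"""\
# constructed known_hosts content
build01.example.org,192.0.2.10 ssh-rsa {KEY_A} lab server
"""


def fingerprint(key_b64):
    """SHA256 fingerprint in the form OpenSSH prints: unpadded base64 of the digest."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def parse_known_hosts(text):
    """Map (host, keytype) -> base64 key blob.

    Comments, blank lines, marker lines (@revoked, @cert-authority) and
    hashed host entries (|1|...) are skipped in this sketch.
    """
    table = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0].startswith(("#", "@", "|1|")):
            continue
        hosts, keytype, blob = fields[:3]
        for host in hosts.split(","):
            table[(host, keytype)] = blob
    return table


def check_host_key(table, host, keytype, offered_b64):
    """Classify an offered key as MATCH, MISMATCH or UNKNOWN."""
    known = table.get((host, keytype))
    if known is None:
        return "UNKNOWN"
    same = base64.b64decode(known) == base64.b64decode(offered_b64)
    return "MATCH" if same else "MISMATCH"


def handle_offer(table, host, keytype, offered_b64, user_accepts):
    """Apply the slide's rule: warn on an unknown key, add it only if accepted.

    user_accepts(host, fingerprint) stands in for the interactive prompt.
    A MISMATCH is never added: the stored key stays and the caller must stop.
    """
    verdict = check_host_key(table, host, keytype, offered_b64)
    if verdict == "UNKNOWN" and user_accepts(host, fingerprint(offered_b64)):
        table[(host, keytype)] = offered_b64
        return "ADDED"
    return verdict


if __name__ == "__main__":
    trusted = parse_known_hosts(SAMPLE_KNOWN_HOSTS)
    offers = [
        ("build01.example.org", KEY_A),   # same key as stored
        ("build01.example.org", KEY_B),   # key changed: possible impersonation
        ("new.example.org", KEY_B),       # first contact
    ]
    for host, key in offers:
        result = handle_offer(trusted, host, "ssh-rsa", key, lambda h, fp: True)
        print(f"{host:22} {fingerprint(key)} -> {result}")
```

The MISMATCH branch is the one that matters operationally: a changed key for a known host should block the connection until the new fingerprint is confirmed through a separate channel.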
Key Pairs from EC2
• I think the key pair we downloaded from EC2
contains the public and private key used by the
client.
• This is why “Amazon does not store the
private key for security reasons. This is most
easily retrieved from one of the other
Compmed staff. If the private key is lost or
stolen, then a new public and private certificate
should be generated as soon as possible”.
Request Instance (cont.)
Request Instance (cont.)
Request Instance (cont.)
Instances
Login to Instance
Installing gcc
sudo yum install gcc
Installing g++
!"#$%&"'%()!*+,,%-..%
Thank You.