avatarTeri Radichel

Summary

The web content provides a detailed guide on how to SSH into an AWS EC2 instance using a Chromebook.

Abstract

The article outlines a step-by-step process for connecting to an AWS EC2 instance from a Chromebook. It begins by acknowledging the unique challenge of using a Chromebook for cloud security labs, which the author encountered while teaching a class. The solution involves downloading an SSH key (.pem file), setting up the Linux (Beta) environment on the Chromebook, sharing the necessary files with the Linux container, and executing SSH commands to establish a connection to the AWS instance. The guide emphasizes security best practices, such as using an ECC SSH key, maintaining read-only access to shared files, and only granting necessary permissions. The author, Teri Radichel, also provides context about her expertise and offers resources for further cybersecurity assistance.

Opinions

  • The author values security, as evidenced by the recommendation to use an ECC SSH key over RSA and the emphasis on not changing file permissions for security reasons.
  • The guide is tailored for users who may not be familiar with Linux commands or AWS EC2 setup, indicating the author's consideration for less experienced users.
  • The author suggests creating a dedicated folder for AWS-related files and copying the .pem file to a location where permissions can be modified, showcasing a preference for organized and secure file management.
  • The article implies that Chromebooks, while different from traditional laptops, can be effectively used for cloud security tasks with the right setup and understanding of the Linux container environment.
  • By sharing personal anecdotes, such as involving family members in testing lab environments, the author conveys a hands-on and practical approach to teaching and problem-solving.

SSH to an AWS EC2 Instance with a Chromebook

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

🔒 Related Stories: Google | AWS

💻 Free Content on Jobs in Cybersecurity | ✉️ Sign up for the Email List

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I teach a cloud security class that involves 4–5 labs (plus bonus labs!) each day. The class covers AWS, Google, and Azure. I hire people to help me test the labs — most often, my niece, as I wrote about in my prior blog post but also my nephews. When my nephew asked if he could do the labs with a Chromebook, I said, “I don’t know, let’s try it!” Come to find out, Chromebooks are a little different. We figured out how to do it, and the steps are as follows:

1. Login to aws.amazon.com on your Chromebook.

2. Launch an AWS EC2 instance (virtual machine), create, and download a new .pem file. It appears your downloads folder.

If you’re not familiar with how to do #2 refer to this AWS EC2 getting started documentation.

Note that you should choose the option for an ECC, not an RSA SSH key for the reasons explained here:

3. To get to the Downloads folder on your Chromebook, click the file folder icon on right below.

4. You should see the file you saved with .pem at the end.

Mine is named chromebook-aws.pem. Replace any instructions below that refer to chromebook-aws.pem with the name you gave your .pem file.

5. Click My files with two fingers. Create a new folder called aws.

6. Click the .pem file in your Downloads folder with two fingers. Choose copy.

7. Click your aws folder. Click paste to copy your .pem file into the aws folder.

Note: We copy the file for two reasons. First, the Downloads folder is temporary, and files in it periodically get deleted. Secondly, we should not share the entire Downloads folder with the Linux container on Chrome, where we want to connect to AWS. We only want it to have access to the files it needs — a good security practice!

8. Click the icons at the bottom right. Then click the gear icon for settings (2nd to the right at the top).

9. In settings, click Linux (Beta) on the left then click Turn on.

10. Click Install.

Note: After Linux installs, you can run standard Linux commands such as pwd to see the name of the current directory. You don’t see any of the files on your Chrome OS. This functionality is for security reasons. Linux poses some additional security risk, and anything you run in Linux is in a separate “container” from things running on your Chromebook. You need to specifically share the files with Linux that you want it to see. Only share the specific files you want the container to access, not the whole operating system, as explained above. Granting too much access is a common security misconfiguration by people who don’t understand container security.

11. Go back to your aws folder and click on it with two fingers. Choose Share with Linux.

12. Now return to your Linux container. Type the following commands to mount the directory in your Linux container and verify you can see your files:

cd /mnt/chromeos/MyFiles/aws
ls

13. Now you should see the file! Remember, your file name may be different.

In all the commands below, replace chromebook-aws.pem with the name of your file.

Note: If you try to change the permissions of the .pem file with the following command, you’ll get a permissions error.

chmod 400 chromebook-aws.pem

That is normal. The mounted and shared files are read-only and non-executable for security reasons. Rather than change those settings, which again poses a security risk, let’s copy the file to a directory where we can edit it.

15. Type these commands to copy the file to your home directory and verify it exists there:

cp chromebook-aws.pem ~/chromebook-aws.pem
cd ~
ls

Now you have a copy of the .pem file in your home directory, and you should be able to edit it.

16. Type the chmod command again.

It works now because you are in a directory where you have permission to edit the file.

17. Go back to your EC2 instance in AWS. Right-click and choose Connect.

18. Copy the SSH command ~ make sure you are using the correct user name.

19. Type yes.

20. You are connected!

Have fun connecting your Chromebook to an AWS EC2 Instance!

Follow for updates.

Teri Radichel | © 2nd Sight Lab 2019

About Teri Radichel:
~~~~~~~~~~~~~~~~~~~~
⭐️ Author: Cybersecurity Books
⭐️ Presentations: Presentations by Teri Radichel
⭐️ Recognition: SANS Award, AWS Security Hero, IANS Faculty
⭐️ Certifications: SANS ~ GSE 240
⭐️ Education: BA Business, Master of Software Engineering, Master of Infosec
⭐️ Company: Penetration Tests, Assessments, Phone Consulting ~ 2nd Sight Lab
Need Help With Cybersecurity, Cloud, or Application Security?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
🔒 Request a penetration test or security assessment
🔒 Schedule a consulting call
🔒 Cybersecurity Speaker for Presentation
Follow for more stories like this:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
❤️ Sign Up my Medium Email List
❤️ Twitter: @teriradichel
❤️ LinkedIn: https://www.linkedin.com/in/teriradichel
❤️ Mastodon: @teriradichel@infosec.exchange
❤️ Facebook: 2nd Sight Lab
❤️ YouTube: @2ndsightlab
AWS
Ec2
Ssh
Google
Chromebook
Recommended from ReadMedium
avatarAbhay Parashar
17 Mindblowing Python Automation Scripts I Use Everyday

Scripts That Increased My Productivity and Performance

14 min read
avatarNathan Woolmore
Step-by-step guide to access and set up VNC with a GUI on an AWS Ubuntu EC2 from Your Mac

Need to run Linux Ubuntu in the AWS cloud and also want to access the GUI? Here is the beginner friendly, step by step guide!

6 min read
avatarAlexander Nguyen
The resume that got a software engineer a $300,000 job at Google.

1-page. Well-formatted.

4 min read
avatarJonathan Mondaut
How ChatGPT Turned Me into a Hacker

Discover how ChatGPT helped me become a hacker, from gathering resources to tackling CTF challenges, all with the power of AI.

4 min read
avatarManyi
Creating an AWS EC2 Instance

Here’s a quick guide to launching an EC2 instance on AWS:

1 min read
avatarLiu Zuo Lin
You’re Decent At Python If You Can Answer These 7 Questions Correctly

# No cheating pls!!

6 min read