Create Amazon EC2 Instance running CentOS and setup VPSSIM. Step by Step Guide.

In this post I will guide you how to create an Amazon EC2 Instance with CentOS 7. Login SSH by pem key pair in Windows using PuTTy/Bitvise. Connect it via FTPS with FileZilla. Set up root user. Enable password login to EC2 instead of a keypair if you prefer. Then set up VPSSIM and create a wordpress website using VPSSIM.

1. Create EC2 Instance running CentOS

Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.

Choose Launch Instance to start

Step 1: Choose an Amazon Machine Image (AMI)

In Quick Start, you will see some option like:

Amazon Linux 2 AMI (HVM), SSD Volume Type
Amazon Linux AMI 2018.03.0 (HVM), SSD Volume Type
Red Hat Enterprise Linux 7.5 (HVM), SSD Volume Type
SUSE Linux Enterprise Server 15 (HVM), SSD Volume Type

Don’t select any of them, because we need a centos to install VPSSIM. You can’t install VPSSIM in Amazon Linux 2 or Red Hat…

So, Click to AWS Marketplace

If you only want to set up a WordPress website automatically, you can select WordPress Certified by Bitnami and Automattic. In this post, our purpose is Setup VPSSIM, so we need a fresh Centos. You can find “CentOS” and select one fresh Centos.

Make sure it’s fresh. Example, if you select “CentOS 7.4 Minimal with Webmin (HVM)”, you can’t install VPSSIM.

So, in my opinion, you can select “CentOS 7 (x86_64) – with Updates HVM”

You can read more about this image right here: https://aws.amazon.com/marketplace/pp/B00O7WM7QW

Just click Continue

Step 2: Choose an Instance Type

In this example, I will select t2 micro. It’s free tier eligible with 750 hours of Linux and Windows t2.micro instances each month for one year. You can readmore here: https://aws.amazon.com/ec2/?ft=n

With t2.micro, you have Variable ECUs, 1 vCPUs, 2.5 GHz, Intel Xeon Family, 1 GiB memory, EBS only.

Then, click Next: Configure Instance Details

Step 3: Configure Instance Details

Step 4: Add Storage

Default Size is 8 GiB. However, in Free tier eligible customers can get up to 30 GB of EBS General Purpose (SSD) or Magnetic storage.

Step 5: Add Tags

Click to Add Name tag. This is not required. In this example, I will set Name value is QuyetDoan

Step 6: Configure Security Group

In this example, I will change type to All traffic and Source to Anywhere. You will se a Warning about security setting. But don’t worry, we can also change this rule later.

Review and Launch

If in Step 4, you select Storage Size over 30 GiB, you will see a notice at this step like below:

Then you need to change Size to under 30GiB.

If everything’s ok. You will see this:

Then click Launch

Create a new key pair

After you finish configure the instance. You have to create new key pair or choose an existing one. DON’T select Proceed without a key pair if you don’t know what are you doing.

In this example, my Key pair name is ToanNguyen. Then click Download Key Pair

You have to download the private key file (*.pem file) before you can continue. Store it in a secure and accessible location. You will not be able to download the file again after it’s created. If you try to download file again, you will see an error:

After you download your pem file and save it in a secure place. Then you can click Launch Instances

Now you can view your instance:

2. Login SSH with key pair

2.1. Prerequisites

Download and install PuTTY or Bitvise

We don’t need both to login SSH, you can select just one that you prefer:

You can download PuTTY from from the PuTTY download page: http://www.chiark.greenend.org.uk/~sgtatham/putty/
You also can download Bitvise from the Bitvisde download page: https://www.bitvise.com/ssh-client-download

Check out Public DNS (IPv4) and IPv4 Public IP, we need these info to login SSH

Important Note: When you stop, then restart your Instance. Amazon will release the public IPv4 address and assign a new one. That mean your IPv4 Public IP can be changed. So we have to create an Elastic IP, it’s a a static IPv4 address designed for dynamic cloud computing. An Elastic IP address is associated with your AWS account. So it will not change when you restart your Instance. You can read more about Elastic IP here: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html

In next part of this post, I will show you how to create and use an Elastic IP

Default user name for the AMI that you used to launch your instance

For Amazon Linux 2 or the Amazon Linux AMI, the user name is ec2-user.
For a Centos AMI, the user name is centos.
For a Debian AMI, the user name is admin or root.
For a Fedora AMI, the user name is ec2-user or fedora.
For a RHEL AMI, the user name is ec2-user or root.
For a SUSE AMI, the user name is ec2-user or root.
For an Ubuntu AMI, the user name is ubuntu.
Otherwise, if ec2-user and root don’t work, check with the AMI provider.

In this example, I use Centos AMI, so the user name is centos

2.2. Login with PuTTy

Step 1: Converting Your Private Key Using PuTTYgen

Open PuTTYGen (not PuTTY):

From the Start menu, choose All Programs > PuTTY > PuTTYgen

Under Type of key to generate, choose RSA.
If you’re using an older version of PuTTYgen, choose SSH-2 RSA

Choose Load. By default, PuTTYgen displays only files with the extension .ppk. To locate your .pemfile, select the option to display files of all types.

Select your .pem file for the key pair that you specified when you launched your instance, and then choose Open. Choose OK to dismiss the confirmation dialog box.
Choose Save private keyto save the key in the format that PuTTY can use. PuTTYgen displays a warning about saving the key without a passphrase. Choose Yes.

Save your ppk file

Step 2: Starting a PuTTY Session

1. Start PuTTY (from the Startmenu, choose All Programs > PuTTY > PuTTY).

2. In the Category pane, choose Session and complete the following fields:

Host Name: enter user_name@public_dns_name.
- User name: centos
- Public DNS name: ec2-52-221-217-110.ap-southeast-1.compute.amazonaws.com (check it in instance description)

Port: 22
Conection type: SSH

In the Category pane, expand Connection, expand SSH, and then choose Auth. Complete the following:

Choose Browse.
Select the .ppk file that you generated for your key pair, and then choose Open.
(Optional) If you plan to start this session again later, you can save the session information for future use. Choose Sessionin the Category tree, enter a name for the session in Saved Sessions, and then choose Save.
Choose Open to start the PuTTY session.

4. If this is the first time you have connected to this instance, PuTTY displays a security alert dialog box that asks whether you trust the host you are connecting to.

Click Yes.

2.3. Login with BitVise

Step 1: Import key

Just launch Bitvise then click Client key manager

In new window, select Import

You change the option to All Files as below picture then select pem file we already downloaded before. Then click Open

In new window appear, select Import

So, now you can see new item Global 1 in Client Key Manager window. That’s fine. It’s mean we already import key succesful.

Bước 2: Login Bitvise

Host: you fill out IPv4 Public IP or Elastic IP
Port: 22
Username: centos
Initial method: publickey
Client key: select Global 1 that we already created at previos step.

Click Login. It’s done. ^-^

3. Elastic IP

Because IPv4 Public IP can be changed. So we have to create an Elastic IP:

Check Elastic IPs in left panel:

Click to choose Allocate new address

Click to Allocate

Close and Assoicate address

Select Your Instance and Private IP. Then click Asociate

So, your Associate address request succeeded

Now you can also login your SSH with host name: user_name@elastic_ip.

4. Enable Root login for EC2 Instance

By default, you have to login your EC2 instance as defaut user (centos for CentOS, ec2-user for Amazon Linux 2 or the Amazon Linux AMI)

If you try to login SSH with root user, you will see an error:

There are 2 ways to solve this problem that you can login SSH with root:

Enable password login instead of a key pair: With this way, you can login your SSH, FTPS with root and the password you set.
If you dont want enable password login, you can follow instruction below to enable root login when you login with Key Pair.

Step 1: Change to superuser:

sudo -s

Step 2: Edit Athorized keys

I will use Vi to edit file authorized_keys:

vi /root/.ssh/authorized_keys

Press i to change to insert mode. Then delete the lines at the begining of the file until you get to the words ssh-rsa. Press ESC key when you’re done to go back to command mode. Then type :wq and press enter to write the file to disk and quit vi.

Step 3: Edit sshd_config

We need comment out the line “PermitRootLogin” in sshd_config.

We will use vi editor to edit this file

vi /etc/sshd_config

Press i to change to insert mode, then you can easily edit its content. Find “PermitRootLogin” and comment out.

When you done with editing. Press ESC to back to command mode. Then type :wq and press enter to write the file to disk and quit vi.

Step 4: Then restart the ssh service

Restart the ssh service in Centos 7+ with this command

/bin/systemctl restart sshd.service

Now you can Login EC2 Instance as root.

5. Connect to Amazon EC2 file directory using Filezilla and SFTP

1. Edit (Preferences) > Settings > Connection > SFTP, Click “Add key file”

2. Browse to the location of your .pem file and select it.

3. A message box will appear asking your permission to convert the file into ppk format. Click Yes, then give the file a name and store it somewhere.

If the new file is shown in the list of Keyfiles, then continue to the next step. If not, then click “Add keyfile…” and select the converted file.

File > Site Manager > Add a new site with the following parameters:

Host: Your public dns name of ec2 instance, or Elastic IP
Protocol: SFTP
Logon Type: Normal
User: centos or root
Password: Password of user. Keep it blank if you have not set passwd for that user yet.

6. Enable password login instead of a key pair

This section is optional, you can ignore this part if you don’t want to enable password login. With instruction in section 4, 5 we’re already possible to login SSH & FTPS. If you don’t like solution I write in section 4 & 5, you can follow guide in this section, so you can also login SSH & FTPS with root user and password.

Step 1: Login SSH (via Key pair)

You have to login SSH with Key Pair first as my introduction above.

Step 2: Set password for user

sudo -s
passwd root

Step 3: Update the PasswordAuthentication parameter

Edit file /etc/ssh/sshd_config with Vi:

vi /etc/ssh/sshd_config

Press i to change to insert mode. Comment out the line PasswordAuthentication yes. When you done with editing. Press ESC to back to command mode. Then type :wq and press enter to write the file to disk and quit vi.

Step 4: Restart the SSH service.

/bin/systemctl restart sshd.service

7. Setup VPSSIM

Before setup VPSSIM, you need a fresh VPS or dedicate server with centos 6.X (64 bit only) or 7.X.

This instruction can use to set up VPSSIM for any new VPS/ Server with Centos, not only for Amazon EC2 Instance.

Note: If you don’t like VPSSIM, you can choose any other scipts that you prefer like Hocvps, EasyEngine, Centmin Mod, RunCloud, Webinoly. Make sure it works on your current OS. Example: If you want to use easyengine, coz CentOS or any other Linux Distro is not currently supported, so you need select other image like Ubuntu version 12.04, 14.04, 16.04, 18.04 or Debian 7 & 8.