Loading...

FAQ

What are the best places to go for Amazon EC2 questions?

Click here to go to Amazon EC2 Technical FAQs.

Click here to go to the Amazon EC2 developer forum.

Click here to go to Stack Overflow.

Click here to go to Server Fault.

How do I manage my files?

Amazon EC2 instances do not provide root access by default (you need to connect via SSH using the ec2-user). This means that more configuration is required to provide read-write SFTP access to the back-end. The tutorial here includes instructions on how to do this. Note that use of Amazon EC2 requires a basic facility with the command line. Academic AMIs provide pre-installed functioning web applications, but you will need to configure your own security settings if you want file management capability.

Can I upgrade from a micro instance if I need to?

Yes. It’s easy to upgrade the Free Tier Eligible micros instances found here if your site needs more grunt. Click here for more information.

Can I get a normal IP address?

Yes. Use the Elastic IP function in your AWS Management console. Note that this service is only free if the instance is running. If you shut down your instance for any reason it’s probably best to release the IP address.

What are my name servers?

Amazon provides a service called Route 53 for DNS management, but they do not provide a web interface for it. Interstate 53, Ylastic (and probably other services) can be used for this purpose.

Are there any useful virtualmachines for managing Amazon EC2 instances?

See Interstate 53, Ylastic and Elastic Fox (a Firefox plugin).

Why can’t I SSH into my instance from the command line?

Academic AMIs are intended to get you going with Amazon AWS to the point where you can manage your web application from your browser. If you want to learn any more, there is plenty of information on Google and at the forums noted at the top of this page.

If you can’t SSH in from the command line, though, you may need to:

a] Change the permissions on Your-key.pem to None (for anyone, including you).
b] Ensure the path to Your-key is correct (i.e. it might be /home/you/Amazon/Your-key.pem)
c] Connect as ec2-user instead of root. When you’re in, you’ll be able to become super user using sudo (Unix).

So, rather than using the default SSH setting presented under Instance Management in the Amazon Management Console, you might need to change it to: ssh -i /home/you/Amazon/Your-key.pem ec2-user@ec2-XX-XX-XX-XXX.compute-1.amazonaws.com. Copy this into a terminal and hit Enter.

Note: The article http://www.calebogden.com/wordpress-on-linux-in-the-amazon-cloud-with-mac/ shows you how to change the SSH permissions to allow connection as root. This has not been performed on Academic AMIs.

Are Amazon AMIs safe?

As noted on the homepage, Amazon AMI images need to be used with care, and should only be used for production purposes after being security hardened by someone with adequate technical knowledge. Although no public AMIs can be entirely trusted unless you have the technical knowledge to check and cleanse them thoroughly, Academic AMIs only have basic server packages and a web application installed and have had the SSH keys used to build them deleted, as described by Amazon here. Read this Slashdot entry, and the associated comments that discuss the various sides to the issue, if you’re interested in learning more. Some basic best practices:

  1. Regularly refresh your key pairs rather than using the same ones for multiple AMI instances. They’re easy to generate.
  2. It’s good practice to manage your Amazon access keys and other identity management elements pro-actively, just as you should your passwords.
  3. Set up your own security group, as described in the instructions, and only open ports 80 and 22 (if you don’t want to use SSH you can leave port 22 closed).
  4. If you are using SSH access, take the time to become super user (sudo su) and run find / -name “authorized_keys” -print -exec cat {} \; in a terminal. The only key information that is returned should be your own. If you find additional ones open the files using a text editor like Vi and delete them, or simply stop using the AMI.
  5. Remember that Amazon AMIs can be excellent temporary sandbox environments, but shouldn’t be used for production purposes unless you have the necessary technical skills. Solid production sites that use Amazon AWS will have been built from the ‘ground up’ without the use of an AMI.

 

 

 

 

 

 

 

 

 

Dr. James Smithies

Director | King’s Digital Lab

King's College London

Strand | London WC2R 2LS

Blog Categories
Digital Humanities | History