This post has the ultimate goal for us to figure out how to use Microsoft’s Remote Desktop Protocol, or the Microsoft Terminal Services Client, to connect to an Ubuntu instance or a Linux instance on AWS, Amazon Web Services EC2. That way we can have a GUIon the Ubuntu instance. A lot of people complain that they don’t like using the Linux instances on AWS because they can’t connect to them with a GUI.
So the steps we’re going to use to accomplish that goal is first off we’re gonna start from scratch and configure a Free Tier on AWS. This is step one right here. If you did not know, you can have a Free Tier Linux and a Free Tier Windows instance both running simultaneously for one year when you first sign up for AWS EC2. So it’s a pretty good deal, especially if you want to get familiar with Amazon Web Services as well as maybe Ubuntu or Windows Server 2016, et cetera. So first off we’ll set that up, then we’ll connect to the instance using Secure Shell, which is port 22.
That’s the only port open by default. We’ll use Putty for that. Putty is a Secure Shell client. Then we will, once we’ve secure Shelled into Ubuntu we’ll use apt-get to install some options and we’ll make sure we have the GUI options enabled on Ubuntu. Then what we’ll do is we’ll configure Putty to tunnel our Microsoft Terminal Services Client or RDP traffic through the Secure Shell tunnel, and that will give us the remote GUI. So those are the steps we’re gonna do to accomplish this. So the first thing I’m gonna do over here is start up a new instance. I’m gonna click on Launch Instance, and this is the AWS EC2 console. We have a video that goes over how to set up this console if you haven’t done it before. I’m gonna select the Ubuntu server instance right here. Click on Select, the FreeTier’s already selected.
Click on Review and Launch and Launch. I already have a key pair selected. Again, we go over how to generate this in a previous video. Click on Launch Instances, and these launches pretty quickly. I’m gonna click on View Instances here and look at the one I just launched. I’ve got a few rights here, but this is the one I just launched. You can see it spinning right there. I’m gonna label it (clears throat) Ubuntu. We’ll do Ubuntu GUI Test. And that one looks like it’s already running, so I have it highlighted. Here is our public IP address for the instance we just stood up. I need the public IP address so I can Secure Shell into it. By default, if I go hereto the Launch Wizard, the security group, the only port open is 22.
This is the way we’re going to keep it. It’s much more secure if we tunnel our port 3389 traffic through port 22, so we don’t have to open another port on the EC2 firewall. All right, so let’s go back to our instances and I’m gonna copy that IP address. This is it right here, Ubuntu GUI Test. Here’s the public IP address. Gonna highlight it, right-click on it, copy, then I’m gonna open Putty. I’m gonna do control + V right here and paste the public IP address. You could use the DNS name if you wanted to as well. I’m gonna change a couple of settings here in Putty. First off, I like to get things set up, so I’m gonna name this session as Ubuntu GUI Test. I’m gonna save it, so that right now will save the IP address and anything else I configure. I’m gonna change the font size to be a little bit larger here.
I’ll make it 16 so you can read it. I’m gonna change the colors to have the foreground I’m gonna make black, and then I’m gonna make the background white, so we’ll have a black on white background. It’s a little bit easier to read than white on black. All right, the background needs to be white. Okay, I also have to configure the private key for this session, so if I click on Secure Shellhere I can click on of. Here is where you browse to select the private key. This is my private key right there, and that’s all I’m gonna select right now, but before I click on Connect I’m gonna go back here and save this again so all the stuff I just configured is saved. Now I’m gonna click on Open. (soft dings) I got this message right here, which is to be expected the first time you connect. Click on Yes. Now we’re prompted for the logon. Since we set up an Ubuntu instance, the default logon is Ubuntu, and it’s gonna ask you for the passphrase you used when you generated your private key or the key pair. This is a much more secure way to log on to the system than a username and password. So now I’m on the system, and this is the private IP address for that system. I’m gonna cheat a little bit here, and there is an article right here, this is the URL. I will put this URL beneath the video, but this kind of walks you through at least quite a few steps as far as how to set up the Ubuntu instance for Windows, a GUI, and then the GUI we’re gonna use is the Xfce. (clears throat) So it’s a good idea unless you like to just type things out.
I prefer to copy the commands and paste them into the window, so this is just gonna update the repository, the software repository there and upgrade it, upgrade any existing packages. So when that’s done I’m gonna say yes, there are a few packages that need to be updated. Shouldn’t take too long. When that’s done I’m gonna copy this, which allows us to password authentication because we have to do password authentication since we’re using the WindowsRemote Desktop Client, as it mentions right there, that doesn’t support, in this configuration, it doesn’t support a private-public key pair. So when this is done I’m gonna copy and paste this over there. 99%, again copy, right-click, pasted. Okay, now I need to restart the SSH daemon, so copy this, paste. I didn’t paste right, copy, paste.
Now we need to set a password. Since we enabled password authentication we need to set a password for the Ubuntu account. So go ahead and type in a password if you’re following along. Looks like it was changed successfully. Now we need to install(clears throat) these options, which gives us the GUI functionality. Then we need to make xfce the default window manager for RDP connections, so if you Remote Desktop into it, this is the windowing system you’ll be presented with. So I’m gonna copy that, and when this is finished will paste that. So that finished, now we want to continue here. I’m gonna copy the echo command right here and paste it. If you get this error, that’s not a big deal. We’ll validate it works at the end of this. Then we’ll copy this part right here. I mean basically, you can just copy all these commands over. These work, I have validated it. They will tell you at the very beginning that it will only work with, that it’s only tested with a specific ami version, but the one we’re using is not that same version and it still works, so don’t worry about that.
(clears throat) So the next thing I need to do is this last command right here, copy this. And it looks like it’s configured, and the rest of this stuff here is somewhat applicable but not entirely. So now I need to go to Putty. We need to change a couple of things on Putty, so I’m
gonna go ahead and close this session. So I just type in exit here, and sometimes this does not work unless we reboot the server. So I’m gonna go ahead and reboot it just to avoid having to do it again later. (soft dings) So it’s rebooting, we lost our Putty session. So while that is rebooting we’re gonna configure the tunnel in Putty.
Remember, we want to use a tunnel so we don’t have to set up an additional port for the Windows environment the GUI environment through the EC2 firewall. We ultimately want everything to go through port 22 only Secure Shell, and this is our inbound rule, port 22. There are other ways to do this. You can open up port 3389, but again, you’re exposing yourself to, the more ports you open up the more exposure you have to attacks, the larger your attack surface.
So I’m gonna go ahead and load what we saved before, and what we’re gonna do herein Putty has added a tunnel, so under Secure Shell here and tunnels we’re gonna do a source port, and the whole purpose of this is if somebody connects to a specific port it’s gonna forward that port to the destination. So the source port I’m gonna use here is… The source port, we can make this whatever we want to. I’m gonna use let’s just say 8888. Our destination will be the private IP address of our Ubuntu system, so if we go back to Instances over here on the management console, this is the Ubuntu one, we scroll over here. (clears throat) Here is the private IP address.
We copy that, I’m gonna paste that right here, and then I’m going to put colon 3389. What this does is if the local system sees any traffic destined to port 8888, it’s gonna forward it through the Secure Shell tunnel to this IP address on port3389, so let’s click on Add. So local port 8888 goes to this IP address on the other end of the tunnel on port 3389. So let’s go ahead and click on, scroll up here. I’m gonna save this again, save, click on Open. Now we’re gonna log on. We have to first establish the tunnel before we can connect to it with Remote Desktop, so again, the logon isUbuntu with your passphrase. This is why it’s more secure. And now just to check let’s a neat stat dash ants, and you notice we are listening on port 3389. So this is where the tunnel is going to be established. This is what we set up earlier when we ran through these steps over here on Amazon. You can also Best Windows Server from tryrdp its best RDP provider in the market with various server locations.
We set up this to listen on port 3389. That was not running before. So now that we have the tunnel established via Secure Shell, the next step is to use the Terminal Services Client or Remote Desktop Client right here, and we’re gonna connect to 127.0.0, or you could also type in localhost, on port 8888. This is what I set the tunnel, so now since Putty is listening for local traffic on port 8888, if it sees the traffic it’s gonna push it through the Secure Shell tunnel, the SSH tunnel, and then will connect to this IP address right here on port 3389. That’s the way it should work, so let’s validate it works that way.
So I’m gonna click on Connect. Initiating connection… We can go ahead and click on Yes, so it looks like we’ve connected or otherwise we wouldn’thave gotten that message. Now we have xrdp, so this is where you put in the password for Ubuntu earlier when you were on this step over here where it asks you for, we created a password for Ubuntu. The password you typed in twice the password over here, so Ubuntu with that password. The port can still
be a negative one, that’s fine. It tells us we connected on port 3350 right there. So now it looks like we’ve connected. We can use the default config, that’s fine. If we look under Applications you see we’re running xfce, and you’ve got a GUI now on your Ubuntu instance on AWS EC2. You can do anything through the GUI, but you have to have the backend applications installed. In this case, this is looking for a web browser, but there’s not one installed, so to fix that we can go to a terminal emulator and we can do sudo aptget install firefox.
Yes, and when that’s done (clears throat) the GUI should automatically choose Firefox, but you see while that going you can browse around, use the file manager, and the other tools. When that’s done I can go to applications, Web Browser, now it should know that firefox is installed, and you notice we have a web browser on our Ubuntu instance on EC2, and we
Read Also: Pros and cons of colorful sling bag for kids
can validate our IP address. So what is my IP? (clears throat) You see it’s 22.214.171.124. That over here on a management console, 126.96.36.199, so it is the instance obviously. So that way we’ve got a Windows system. We can add other items to it, we can add LibreOffice if you wanted to or whatever, but you’ve got a GUI on your Ubuntu instance on AWS. So that was the purpose of this video was to show you how to set up a GUI fairly quickly and easily.
There’s a lot more that you can do with that, but this solves the issue a lot of people complain about, at least I hear them complain about it, is they don’t want to use a Linux instance on Amazon EC2 because there’s no GUI. Well, we’ve solved that problem right here. If you have any questions or comments please leave them beneath the video, and if you have any thoughts on another topic you’d like to hear in the future go ahead and leave that as well. Hopefully, you enjoyed this post, and good luck using AWS EC2. We’ll talk to you later.