Filezilla Aws Ec2 Sftp

Posted onby admin
  1. Aws Sftp Setup
  2. Sftp Ec2

In AWS EC2, you can connect and access files using sftp with your pem key file. In case if you want to access the ec2 instance using ftp not sftp, here we go. First create an instance in AWS. Enter the site name whatever you wish (I named it AWSTraining) On the right side of the dialog box, you will see a box with label Host: Enter public IP or host address of the ec2 instance; From protocol dropdown box, select “SFTP – SSH File Transfer Protocol” In Logon Type dropdown box select “Key file” In User text box, type ec2-user.

Documentation » Using WinSCP » Guides » Cloud Computing » Amazon AWS »

With WinSCP you can easily upload and manage files on your Amazon EC2 (Elastic Compute Cloud) instance/server over SFTP protocol.

Before starting you should:

  • Have WinSCP installed;
  • Have Amazon EC2 instance running;
  • Have enabled inbound SSH traffic from your IP address to your instance;
  • Have your key pair ready;

Collect information about your EC2 instance:

  • Host name: Check Public DNS column on Instances page of Amazon EC2 console. Note that the public DNS may change when instance is restarted.
  • Host key fingerprint: On the first connect you will be prompted to verify server host key.
    • You can locate key fingerprint in server’s initial start log, when host keys are generated.1 Use Actions > Instance Settings > Get System Log command on Instances page of Amazon EC2 console:
      The format of host key display in the log may differ with distribution or its version.
      Alternatively use aws ec2 get-console-output command.
    • If you did not save the fingerprint on the first instance run, but you have another EC2 instance that you can connect to safely (you know its fingerprints), you can connect to the target instance using private IP from the trusted instance. Staying within private Amazon network keeps you safe from man-in-the-middle attacks. When on the trusted instance terminal, you can use following commands to collect fingerprints:
    • If you do not have another trusted instance, you can create new temporary instance, just for the purpose of collecting the keys. First find keys for the new temporary instance, using it’s initial start log. Then collect keys of the target instance by connecting to it from the temporary instance. After that you can discard the temporary instance.


Start WinSCP. Login dialog will appear. On the dialog:

Filezilla Aws Ec2 Sftp

Aws Sftp Setup

  • Make sure New site node is selected.
  • On New site node, make sure SFTP protocol is selected.
  • Enter your EC2 instance public DSN name (see above) into Host name box.
  • User name differs with instance type:
    • For an Amazon Linux AMI, the user name is ec2-user.
    • For a RHEL5 AMI, the user name is either root or ec2-user.
    • For an Ubuntu AMI, the user name is ubuntu.
    • For an Centos AMI, the user name is centos.
    • For a Fedora AMI, the user name is either fedora or ec2-user.
    • For SUSE Linux, the user name is root or ec2-user.
  • Press Advanced button to open Advanced site settings dialog and go to SSH > Authentication page.
  • In Private key file box select the .pem private key file. WinSCP will need to convert the key to its .ppk format (you can then use the converted .ppk key for example with PuTTYSSH client).
  • Submit Advanced site settings dialog with OK button.
  • Save your site settings using Save button.
  • Login using Login button.
  • Verify the host key by comparing fingerprints with those collected before (see above).

If you are managing a large amount of servers, and it is not feasible for you to save a site for each of them in WinSCP, consider using the user script Injecting SFTP or FTP URL to a page (Amazon EC2 management console).

To connect to an EC2 instance in an Amazon VPC, you can tunnel through a NAT instance.


Sftp Ec2

For details, see Connect to FTP/SFTP server which can be accessed via another server only.

In Host name, specify your Instance ID.

Press Advanced button to open Advanced site settings dialog and go to Connection > Proxy page. There:

  • For Proxy type, select Local.
  • In Local proxy command, specify:
  • You may need to set Do DNS name lookup at proxy end to Yes.
  • Upload files to FTP server or SFTP server;
  • Automate file transfers (or synchronization) to FTP server or SFTP server;
  • Official AWS guide for connecting using PuTTY/WinSCP;
  • Connecting securely to Google Compute Engine server with SFTP;
  • Connecting securely to Microsoft Azure service with SFTP or FTPS.
  1. Using cloud-init script.Back