Having trouble connecting to your Bitnami Linux server with SSH, or using SecureCRT (There IS a bug!)? See below for instructions.
Do you see an error, or know a better way to do something? Please leave a comment and I’ll update.
I built my WordPress Server, using this AWS solution. Very quick and easy.
Launch and configure a WordPress instance with Amazon Lightsail
Following this I wanted to remove the Bitnami banner on my web page. This is the Bitnami icon you can see in the bottom right of the web page. Clicking opens a page of information about Bitnami.
How to Remove Bitnami Banner WordPress AWS
I was having trouble getting SSH to work with certificates directly to my Bitnami Linux server. I like to use SecureCRT, but the guides just discuss using Putty, and I couldn’t connect! So I was getting frustrated and not sure what I was doing wrong. Turned out, nothing, it wasn’t me….. The public certificate located in the Bitnami Linux server was truncated. Looks like only half of it was there.
So the Lightsail default key pair that is generated automatically when you create the site is getting corrupted somewhere on the way to being copied into the Bitnami Linux server.
How to Verify or Setup the SSH Certificates in the Amazon Lightsail Bitnami Linux Server
I will follow the process to setup using the Amazon Lightsail default key pair (these are the certificates). You can opt to generate your own certificate key pair and just add them to the “authorized_keys” file in the same way.
From the Amazon Lightsail Home page: https://lightsail.aws.amazon.com/
Go to your account-Click “Account”:
Click “SSH Keys”:
From the Region your instance is running in, click “Download”. Save the file to somewhere you will keep.
From here, open SecureCRT and create a new profile.
Connection: Add a Name. Set the Protocol to SSH2.
SSH2: Add Hostname: (you can add the IP address if you set a static IP, or DNS name if setup). Add Username: “bitnami”. Remove Authentication options except “PublicKey”. Click Properties beside this.
Select “Use session public key setting”. Select “Use identity or certificate file”. Click … to select the .pem file you saved.
Click “Create Identity File…”
Click “Next”. Leave the next screen as is. Click “Next”.
Passphrase. Leave this next screen as is. Click “Next”. Leave the next screen as is. Click “Next”.
The key is now being generated. Click “Next”.
Select a name so you know what this file is in future.. Click “Next”.
Just remember, the .ppk file is your private key, and the .pub file is your public key.
Go back to the previous screen and update the “Use identity or certificate file”. Click … to select the .ppk file you just saved.
Click “OK” and exit out.
Next you will have this file: “LightsailDefKey-imported-ssh-key.ppk.pub”. You need to edit this file and place a copy of this into your Bitnami Linux server.
First open the file. Right click => Edit with Notepad. You will see something like the below (there may be a few extra lines at the top. copy all the data starting with “AAA” and ending in “Q=”.
—- BEGIN SSH2 PUBLIC KEY —-
AAAAB3NzaC1kc3MAAACBAKoxPsYlv8Nu+fncH2ouLiqkuUNGIJo8iZaHdpDABAvCvLZn
jFPUN+SGPtzP9XtW++2q8khlapMUVJS0OyFWgl0ROZwZDApr2olQK+vNsUC6ZwuUDRPV
fYaqFCHrjzNBHqgmZV9qBtngYD19fGcpaq1xvHgKJFtPeQOPaG3Gt64FAAAAFQCJfkGZ
e3alvQDU8L1AVebTUFi8OwAAAIBk9ZqNG1XQizw4ValQXREczlIN946Te/1pKUZpau3W
iiDAxTFlK8FdE2714pSV3NVkWC4xlQ3x7wa6AUXIhPdLKtiUhTxtctm1epPQS+RZKrRI
XjwKL71EO7UY+b8EOAC2jBNIRtYRy0Kxsp/NQ0YYzJPfn7bqhZvWC7uiC+D+ZwAAAIEA
mx0ZYo5jENA0IinXGpc6pYH18ywZ8CCI2QtPeSGP4OxxOusNdPskqBTe5wHjsZSiQr1g
b7TCmH8Tr50Zx+EJ/XGBU4XoWBJDifP/6Bwryejo3wwjh9d4gchaoZNvIXuHTCYLNPFo
RKPx3cBXHJZ27khllsjzta53BxLppfk6TtQ=
—- END SSH2 PUBLIC KEY —-
Make this a continuous line, with no spaces or carriage returns.
AAAAB3NzaC1kc3MAAACBAKoxPsYlv8Nu+fncH2ouLiqkuUNGIJo8iZaHdpDABAvCvLZnjFPUN+SGPtzP9XtW++2q8khlapMUVJS0OyFWgl0ROZwZDApr2olQK+vNsUC6ZwuUDRPVfYaqFCHrjzNBHqgmZV9qBtngYD19fGcpaq1xvHgKJFtPeQOPaG3Gt64FAAAAFQCJfkGZe3alvQDU8L1AVebTUFi8OwAAAIBk9ZqNG1XQizw4ValQXREczlIN946Te/1pKUZpau3WiiDAxTFlK8FdE2714pSV3NVkWC4xlQ3x7wa6AUXIhPdLKtiUhTxtctm1epPQS+RZKrRIXjwKL71EO7UY+b8EOAC2jBNIRtYRy0Kxsp/NQ0YYzJPfn7bqhZvWC7uiC+D+ZwAAAIEAmx0ZYo5jENA0IinXGpc6pYH18ywZ8CCI2QtPeSGP4OxxOusNdPskqBTe5wHjsZSiQr1gb7TCmH8Tr50Zx+EJ/XGBU4XoWBJDifP/6Bwryejo3wwjh9d4gchaoZNvIXuHTCYLNPFoRKPx3cBXHJZ27khllsjzta53BxLppfk6TtQ=
Place the extra comments around it (one before and one after)-yes. There is a space after and before:
ssh-rsa AAAAB3NzaC1kc3MAAACBAKoxPsYlv8Nu+fncH2ouLiqkuUNGIJo8iZaHdpDABAvCvLZnjFPUN+SGPtzP9XtW++2q8khlapMUVJS0OyFWgl0ROZwZDApr2olQK+vNsUC6ZwuUDRPVfYaqFCHrjzNBHqgmZV9qBtngYD19fGcpaq1xvHgKJFtPeQOPaG3Gt64FAAAAFQCJfkGZe3alvQDU8L1AVebTUFi8OwAAAIBk9ZqNG1XQizw4ValQXREczlIN946Te/1pKUZpau3WiiDAxTFlK8FdE2714pSV3NVkWC4xlQ3x7wa6AUXIhPdLKtiUhTxtctm1epPQS+RZKrRIXjwKL71EO7UY+b8EOAC2jBNIRtYRy0Kxsp/NQ0YYzJPfn7bqhZvWC7uiC+D+ZwAAAIEAmx0ZYo5jENA0IinXGpc6pYH18ywZ8CCI2QtPeSGP4OxxOusNdPskqBTe5wHjsZSiQr1gb7TCmH8Tr50Zx+EJ/XGBU4XoWBJDifP/6Bwryejo3wwjh9d4gchaoZNvIXuHTCYLNPFoRKPx3cBXHJZ27khllsjzta53BxLppfk6TtQ= LightsailDefaultKeyPair
Once you have this, open a SSH session from the Lightsail Home page for your instance. Click the orange square. A new window will open.
From this window, run the below commands to edit the authorized_keys file.
bitnami@ip-172-27-30-22:~$ cd /home
bitnami@ip-172-27-30-22:/home$ ls
bitnami
bitnami@ip-172-27-30-22:/home$ cd bitnami
bitnami@ip-172-27-30-22:~$ ls
apps bitnami_application_password bitnami_credentials htdocs stack
bitnami@ip-172-27-30-22:~$ cd .ssh
bitnami@ip-172-27-30-22:~/.ssh$ ls
authorized_keys
bitnami@ip-172-27-30-22:~/.ssh$ cp authorized_keys authorized_keys.original
bitnami@ip-172-27-30-22:~/.ssh$ vi authorized_keys
Now you can copy the above block we created and past into this file. Overwrite the block that is there, but keep the other information around it (added this for you above “ssh-rsa” and the end comment).
I’m not going to go into the us of Vi. Please Google an intro. Example: An introduction to the vi editor | Enable Sysadmin – Red Hat
Exit and save the file.
Next, restart your server.
Return to your Lightsail Home page. Click the 3 orange dots. Select Reboot.
Give it 2 minutes, then connect using the SecureCRT profile for the device you created initially!
DONE!
Let me know if this process works for you, and if you found this useful in the comments below!!!