Amazon Elastic Compute Cloud
User Guide (API Version 2011-12-15)

Connecting to Windows Instances

This section describes how to connect to instances running Windows from local machines running Windows, Linux/UNIX, or Mac OS.

Prerequisites

  • Enable RDP traffic—Open the instance's RDP port

    Before you try to connect, ensure that your Amazon EC2 instance accepts incoming RDP traffic (usually on port 3389). For more information, see Authorize Network Access to Your Instances.

  • RDP client—Install an RDP client

    Windows machines include an RDP client by default. For Mac OS X, you can use Microsoft's Remote Desktop Client. For Linux/UNIX, you can use rdesktop.

  • Instance ID—Get the ID of your Amazon EC2 instance

    Retrieve the Instance ID of the Amazon EC2 instance you want to access. The Instance IDs of all your instances are available in the AWS Management Console or through the CLI command ec2-describe-instances.

  • Private key—Get the path to your private key

    You'll need the fully qualified path of the private key file associated with your instance. For more information on key pairs, see Getting an SSH Key Pair.

Connect to Windows Instances with RDP

To connect to a Windows instance, you must retrieve the initial administrator password first, and then use it with Remote Desktop. You'll need the contents of the private key file that you created when you launched the instance (e.g., GSG_Keypair.pem).

Note

The Windows password is only generated the first time an AMI is launched. It is not generated for rebundled AMIs or after the password is changed on an instance.

The password is encrypted using the key pair that you provided and stored within the <password> tags of the console output.

To connect to your Windows instance

  1. If you've launched a public AMI that you have not rebundled, get the instance's RDP certificate.

    1. Go to the AWS Management Console and locate the instance on the Instances page.

    2. Right-click the instance and select Get System Log.

      The System Log dialog box is displayed (it might take a few minutes after the instance is launched before the RDP certificate is available).

      A thumbprint is a series of hexadecimal numbers enclosed in a <THUMBPRINT> tag. For example, a thumbprint might look like <THUMBPRINT>2C81502A74D7B112DF801E460A16F53DFFA202A7</THUMBPRINT>. Note the thumbprints so that you can compare them to the thumbprint of the certificate that the instance presents when you connect.

  2. Retrieve the initial administrator password:

    1. Navigate to the directory where you stored the private key file when you launched the instance.

    2. Open the file in a text editor and copy the entire contents (including the first and last lines, which contain BEGIN RSA PRIVATE KEY and END RSA PRIVATE KEY).

    3. Go to the AWS Management Console and locate the instance on the Instances page.

    4. Right-click the instance and select Get Windows Password.

      The Retrieve Default Windows Administrator Password dialog box is displayed (it might take a few minutes after the instance is launched before the password is available).

    5. Paste the contents of the private key file into the Private Key field.

    6. Click Decrypt Password.

      The console returns the default administrator password for the instance.

    7. Save the password. You will need it to connect to the instance.

  3. Connect to the instance using Remote Desktop:

    1. Go to the AWS Management Console and locate the instance on the Instances page.

    2. Right-click the instance and select Connect.

    3. Click Download shortcut file.

      Save the shortcut file to a convenient location on your local machine.

    4. Launch the shortcut file.

    5. Log in using Administrator as the username and the administrator password you got in the previous task as the password.

      The Amazon EC2 instance returns a security alert.

    6. To verify the instance, click View Certificate.

      The Certificate page appears.

    7. Click the Details tab.

      The Details page appears.

    8. Select Thumbprint and verify its value against the value you wrote down previously.

      Important

      If you've launched a public AMI, verify that the thumbprint matches a thumbprint from the instance's RDP certificate. If it doesn't, someone might be attempting a "man-in-the-middle" attack.

    9. If it matches, click OK and then Yes.

      The Remote Desktop Connection client connects to the instance.
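
The thumbprint comparison in steps 1 and 3 can be scripted instead of done by eye. The following is an added example, not code from this guide or from AWS: it extracts the <THUMBPRINT> values from a saved copy of the system log and checks the thumbprint that the RDP client displays against them. The function names and the sample log text are assumptions made for illustration; the thumbprint value is the one shown in step 1.

```python
import hashlib
import re

# Constructed system-log excerpt. Only the <THUMBPRINT> tag and its sample
# value come from the guide; the surrounding lines are placeholders.
SAMPLE_SYSTEM_LOG = """\
(constructed) boot messages before the certificate data
<THUMBPRINT>2C81502A74D7B112DF801E460A16F53DFFA202A7</THUMBPRINT>
(constructed) boot messages after the certificate data
"""

THUMBPRINT_TAG = re.compile(r"<THUMBPRINT>\s*([0-9A-Fa-f]{40})\s*</THUMBPRINT>")


def normalize(thumbprint):
    """Return the thumbprint as 40 uppercase hex digits, or raise ValueError."""
    # Certificate dialogs may show spaces or colons between bytes, and a copy
    # from the dialog can carry an invisible left-to-right mark (U+200E).
    cleaned = re.sub(r"[\s:\u200e]", "", thumbprint).upper()
    if not re.fullmatch(r"[0-9A-F]{40}", cleaned):
        raise ValueError("not a 40-digit hexadecimal thumbprint")
    return cleaned


def thumbprints_from_log(log_text):
    """Collect every thumbprint published in the instance's system log."""
    return {normalize(value) for value in THUMBPRINT_TAG.findall(log_text)}


def thumbprint_of_der(der_bytes):
    """Thumbprint of a saved certificate: SHA-1 over its DER encoding."""
    return hashlib.sha1(der_bytes).hexdigest().upper()


def verify_presented(presented, log_text):
    """True only if the presented thumbprint is one the system log published."""
    expected = thumbprints_from_log(log_text)
    if not expected:
        # The log can lag the launch by a few minutes; an empty result means
        # "not verifiable yet", never "safe to accept".
        raise LookupError("no <THUMBPRINT> entry in the system log yet")
    return normalize(presented) in expected


if __name__ == "__main__":
    shown = "2c 81 50 2a 74 d7 b1 12 df 80 1e 46 0a 16 f5 3d ff a2 02 a7"
    print("match" if verify_presented(shown, SAMPLE_SYSTEM_LOG) else "MISMATCH: do not connect")
```

If you save the certificate from the security alert as a DER-encoded file, pass its bytes to thumbprint_of_der and feed the result to verify_presented rather than copying the value from the Details tab.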

Transfer Files to Windows Instances from Windows

One way to transfer files between an Amazon EC2 Windows instance and your local Windows machine is to use the local file sharing feature of Windows Remote Desktop. If you enable this option in your Windows Remote Desktop Connection software, you can access your local files from your Amazon EC2 Windows instances. You can access local files on hard disk drives, DVD drives, portable media drives, and mapped network drives.

For information about this feature, go to the Microsoft Support website or go to "The most useful feature of Remote Desktop I never knew about" on the MSDN Blogs website.