Security Groups and SSH keys

Security Groups (The Firewall):

Think of a security group like a bouncer at a club who checks IDs. It controls what traffic can reach your EC2 instance and what traffic can leave it. For example:

  • Want to allow SSH access (so you can connect to your instance)? You set a rule to allow traffic on port 22
  • Need to host a website? Allow traffic on port 80 (HTTP) or 443 (HTTPS)
  • By default, nothing is allowed in (inbound rules) - you have to explicitly permit it
  • All traffic is allowed out (outbound rules) by default
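
To check those inbound rules rather than trust them, the following added example (not from the original page) flags rules that open SSH or anything other than the web ports to every address. It assumes the rules are in the IpPermissions shape printed by "aws ec2 describe-security-groups"; the sample data and the names audit_inbound, is_world_open and PUBLIC_OK are made up for illustration.

```python
import ipaddress

# Constructed sample in the shape of `aws ec2 describe-security-groups` output
# (the IpPermissions list of one group); all values are made up.
SAMPLE_INBOUND = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    {"IpProtocol": "tcp", "FromPort": 20, "ToPort": 25,
     "IpRanges": [{"CidrIp": "203.0.113.7/32"}], "Ipv6Ranges": []},
    {"IpProtocol": "-1", "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
]

PUBLIC_OK = {80, 443}  # assumption: only web ports are meant to be public


def is_world_open(cidr):
    """True when the CIDR covers every address (0.0.0.0/0 or ::/0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def audit_inbound(permissions, admin_port=22):
    """Return (finding, cidrs) pairs for rules that are open to everyone."""
    findings = []
    for rule in permissions:
        cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
        open_cidrs = [c for c in cidrs if is_world_open(c)]
        if not open_cidrs:
            continue  # rule is restricted to specific source addresses
        if rule["IpProtocol"] == "-1":
            # Protocol -1 means all protocols and ports; no FromPort/ToPort.
            findings.append(("all-traffic", open_cidrs))
            continue
        if rule["IpProtocol"] not in ("tcp", "udp"):
            continue  # e.g. ICMP: FromPort/ToPort are type/code, not ports
        lo, hi = rule["FromPort"], rule["ToPort"]
        if lo <= admin_port <= hi:
            findings.append((f"port-{admin_port}", open_cidrs))
        elif not set(range(lo, hi + 1)) <= PUBLIC_OK:
            findings.append((f"ports-{lo}-{hi}", open_cidrs))
    return findings


if __name__ == "__main__":
    for name, cidrs in audit_inbound(SAMPLE_INBOUND):
        print(f"{name}: open to {', '.join(cidrs)}")
```

A port range counts as exposing SSH when it merely contains port 22, which is why the check compares against FromPort and ToPort instead of looking for an exact match.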

SSH Keys (Your Digital Key):
Just like you need a physical key to enter your house, you need a digital key to connect securely to your EC2 instance. 

Windows: https://www.purdue.edu/science/scienceit/ssh-keys-windows.html

Linux/macOS: open the terminal and type "ssh-keygen -t ed25519", then follow the prompts. It will tell you where it saved the keys.

The file ending in .pub is the public key, and the other one is the private key.