Bird
Raised Fist0
AWScloud~20 mins

Connecting to EC2 instances in AWS - Practice Problems & Coding Challenges

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Challenge - 5 Problems
🎖️
EC2 Connection Master
Get all challenges correct to earn this badge!
Test your skills under time pressure!
service_behavior
intermediate
2:00remaining
How does SSH key pair affect EC2 instance connection?

You launched an EC2 instance with a specific SSH key pair. What happens if you try to connect to the instance using a different private key?

AThe connection succeeds but you get a warning about mismatched keys.
BThe connection is refused because the private key does not match the instance's public key.
CThe connection succeeds without any issues.
DThe instance automatically updates to accept the new key.
Attempts:
2 left
💡 Hint

Think about how SSH authentication works with key pairs.

Architecture
intermediate
2:00remaining
Which security group rule allows SSH access to an EC2 instance from anywhere?

You want to connect to your EC2 instance via SSH from any location. Which inbound security group rule should you configure?

AAllow inbound TCP traffic on port 80 from 0.0.0.0/0
BAllow inbound UDP traffic on port 22 from 0.0.0.0/0
CAllow inbound TCP traffic on port 22 from 0.0.0.0/0
DAllow inbound TCP traffic on port 22 from the instance's private IP
Attempts:
2 left
💡 Hint

SSH uses a specific port and protocol.

Configuration
advanced
2:00remaining
What is the effect of disabling source/destination check on an EC2 instance?

You disable the source/destination check on an EC2 instance. What behavior does this enable?

AThe instance will automatically update its security group.
BThe instance will reject all incoming traffic.
CThe instance will only accept traffic from its own IP address.
DThe instance can act as a network router or NAT device.
Attempts:
2 left
💡 Hint

Think about routing and forwarding network packets.

security
advanced
2:00remaining
What happens if you expose your EC2 private key file publicly?

You accidentally upload your EC2 private key file to a public repository. What is the immediate risk?

AAnyone with the key can connect to your EC2 instances using SSH.
BAWS automatically revokes the key and blocks access.
CThe key becomes invalid after 24 hours automatically.
DOnly users in your AWS account can use the key.
Attempts:
2 left
💡 Hint

Consider what the private key controls in SSH access.

🧠 Conceptual
expert
2:00remaining
Why might you use Session Manager instead of SSH to connect to EC2 instances?

Session Manager is an AWS Systems Manager feature. What is a key advantage of using Session Manager over traditional SSH to connect to EC2 instances?

AIt allows secure shell access without opening inbound ports or managing SSH keys.
BIt requires you to open port 22 but uses a different authentication method.
CIt only works with Windows instances, not Linux.
DIt requires a VPN connection to your VPC.
Attempts:
2 left
💡 Hint

Think about network security and key management.

Practice

(1/5)
1. What is the primary method to securely connect to an AWS EC2 Linux instance?
easy
A. Using FTP with username and password
B. Using HTTP protocol
C. Using SSH with a private key file
D. Using RDP without any credentials

Solution

  1. Step 1: Understand connection protocols for EC2 Linux

    Linux EC2 instances use SSH (Secure Shell) for secure remote access.

  2. Step 2: Identify the authentication method

    SSH requires a private key file (.pem) to authenticate securely without passwords.

  3. Final Answer:

    Using SSH with a private key file -> Option C

  4. Quick Check:

    SSH + private key = secure EC2 Linux access [OK]
Hint: SSH with private key is standard for Linux EC2 [OK]
Common Mistakes:
  • Trying to use HTTP or FTP for EC2 Linux connection
  • Using RDP which is for Windows instances
  • Connecting without a private key
2. Which command correctly connects to an EC2 instance with IP 203.0.113.25 using the private key file mykey.pem and default username ec2-user?
easy
A. ssh -key mykey.pem ec2-user@203.0.113.25
B. ssh -i mykey.pem ec2-user@203.0.113.25
C. ssh ec2-user@203.0.113.25 -i mykey.pem
D. ssh -pem mykey.pem ec2-user@203.0.113.25

Solution

  1. Step 1: Recall SSH command syntax for private key

    The correct syntax is ssh -i <keyfile> <user>@<ip>.

  2. Step 2: Match the command with the syntax

    ssh -i mykey.pem ec2-user@203.0.113.25 matches the correct order and flags exactly.

  3. Final Answer:

    ssh -i mykey.pem ec2-user@203.0.113.25 -> Option B

  4. Quick Check:

    ssh -i keyfile user@ip = correct syntax [OK]
Hint: Use -i before key file in ssh command [OK]
Common Mistakes:
  • Placing -i after user@ip
  • Using -key or -pem flags which don't exist
  • Omitting the -i flag
3. Given the command ssh -i mykey.pem ubuntu@198.51.100.10, what will happen if the private key file mykey.pem has permissions set to 777?
medium
A. Connection will fail due to insecure key file permissions
B. Connection will succeed without warnings
C. SSH will prompt for a password instead
D. The instance will reject the username 'ubuntu' automatically

Solution

  1. Step 1: Understand SSH key file permission requirements

    SSH requires private key files to have strict permissions (usually 400 or 600) to prevent unauthorized access.

  2. Step 2: Effect of 777 permissions on SSH connection

    Permissions 777 are too open, so SSH refuses to use the key and fails the connection.

  3. Final Answer:

    Connection will fail due to insecure key file permissions -> Option A

  4. Quick Check:

    Too open key permissions = connection failure [OK]
Hint: Private key must have strict permissions (chmod 400) [OK]
Common Mistakes:
  • Assuming connection works with any key permissions
  • Thinking SSH will ask for password if key is insecure
  • Believing username causes rejection here
4. You try to connect to your EC2 instance but get a timeout error. Which of the following is the MOST likely cause?
medium
A. Your private key file is missing
B. The instance is running Windows OS
C. You used the wrong username for the instance
D. Your security group does not allow inbound SSH (port 22) traffic

Solution

  1. Step 1: Analyze timeout error causes

    Timeout usually means network traffic is blocked or unreachable, not authentication issues.

  2. Step 2: Check security group rules

    If inbound SSH (port 22) is not allowed, connection attempts will time out.

  3. Final Answer:

    Your security group does not allow inbound SSH (port 22) traffic -> Option D

  4. Quick Check:

    Timeout = blocked port 22 in security group [OK]
Hint: Check security group allows port 22 inbound [OK]
Common Mistakes:
  • Confusing timeout with wrong username errors
  • Assuming missing key causes timeout instead of auth failure
  • Thinking OS type causes timeout
5. You have an EC2 instance running Amazon Linux and another running Ubuntu. Which usernames should you use to connect via SSH respectively?
hard
A. ec2-user for Amazon Linux, ubuntu for Ubuntu
B. root for Amazon Linux, admin for Ubuntu
C. admin for Amazon Linux, ec2-user for Ubuntu
D. ubuntu for Amazon Linux, ec2-user for Ubuntu

Solution

  1. Step 1: Identify default SSH usernames per OS

    Amazon Linux uses ec2-user and Ubuntu uses ubuntu as default SSH usernames.

  2. Step 2: Match usernames to instances

    Use ec2-user for Amazon Linux and ubuntu for Ubuntu instances.

  3. Final Answer:

    ec2-user for Amazon Linux, ubuntu for Ubuntu -> Option A

  4. Quick Check:

    Amazon Linux = ec2-user, Ubuntu = ubuntu [OK]
Hint: Match username to OS: ec2-user for Amazon Linux [OK]
Common Mistakes:
  • Using root or admin instead of default usernames
  • Mixing usernames between OS types
  • Assuming username is always 'admin'