You launched an EC2 instance with a specific SSH key pair. What happens if you try to connect to the instance using a different private key?
Think about how SSH authentication works with key pairs.
EC2 instances use the public key from the key pair to allow SSH connections. If you use a private key that does not match the public key on the instance, the connection is refused.
You want to connect to your EC2 instance via SSH from any location. Which inbound security group rule should you configure?
SSH uses a specific port and protocol.
SSH uses TCP port 22. Allowing inbound TCP traffic on port 22 from 0.0.0.0/0 means any IP can attempt to connect via SSH.
You disable the source/destination check on an EC2 instance. What behavior does this enable?
Think about routing and forwarding network packets.
Disabling source/destination check allows the instance to forward traffic that is not specifically addressed to it, enabling it to act as a router or NAT.
You accidentally upload your EC2 private key file to a public repository. What is the immediate risk?
Consider what the private key controls in SSH access.
The private key is the secret that allows SSH access. If exposed publicly, anyone can use it to connect to your EC2 instances that accept that key.
Session Manager is an AWS Systems Manager feature. What is a key advantage of using Session Manager over traditional SSH to connect to EC2 instances?
Think about network security and key management.
Session Manager lets you connect securely without opening SSH ports or handling private keys, reducing attack surface and simplifying access.