Initiating a connection to an Amazon EC2 Linux instance with desktop functionality using PuTTY provides terminal access but does not permit access to desktop functionality.

This article describes how to enable connections from the Windows Remote Desktop client to the desktop of an Amazon EC2 Linux instance running openSUSE Leap 42.2. These steps install a remote desktop protocol (RDP) server, a lightweight desktop environment, and a graphical desktop sharing system. These steps are specific to an Amazon EC2 Linux instance of openSUSE Leap 42.2. You can find an openSUSE Leap 42.2 Amazon Machine Image (AMI) in the AWS Marketplace when you select Launch an Instance from the Amazon EC2 console and choose an AMI. The AMI used for this article is ami-15813e75.For more information about locating AMIs, see Finding a Linux AMI.

Important: It is a security best practice to use port forwarding and tunnel RDP client connections through SSH when remotely accessing an EC2 Linux instance desktop. For more information, see How can I securely connect to an Amazon EC2 Linux instance with desktop functionality from Windows?

Note: Amazon Linux does not provide any desktop GUI functionality. Therefore, EC2 Linux instances that are running the Amazon version of Linux cannot be configured for connectivity from an RDP client.

1.    Complete Step 1 of Getting Started with Amazon EC2 Linux Instances; be sure to launch an instance of openSUSE Leap 42.2.

2.    Verify that you can connect to your instance as described at Connecting to Your Linux Instance from Windows Using PuTTY. Specify the username 'ec2-user' when you connect to the instance.

3.    Consider creating a 'baseline' backup of your EC2 instance before configuring the instance for RDP client access. You do this by creating a snapshot of the Amazon EBS volume that serves as the root device for your instance as described at Creating an Amazon EBS Snapshot. Note that as a best practice, you should always stop an EC2 instance before you create a snapshot of the EBS volume that serves as the root device for the instance. You can restart the EC2 instance after successfully creating the snapshot.

4.    Connect or re-connect to your EC2 Linux instance.

5.    Install the GNOME desktop. 

sudo zypper install gnome-session

6.    Install xrdp, vnc and the remmina vnc plug-in.

sudo zypper install xrdp tigervnc remmina-plugin-vnc

7.    Update the instance with the YaST configuration management software.

sudo yast
  • Use your keyboard arrow keys to select the Software module and then the Online Update option and press Enter. When you are in the YaST configuration interface, you can:
    • Press Tab to navigate to the list of available package updates.
    • Use the keyboard up and down arrow keys to select individual package updates.
    • Press Spacebar to toggle installation options.
      Note: Because YaST is used to apply package updates, consider using the YaST filter option to install YaST package updates first and then install recommended patches after YaST has been updated.
  • After you have specified installation options for each package, press Tab to choose the Accept option and press Enter.
  • When updates are completed, press Tab to navigate to the appropriate option to either close a readme file, acknowledge that the patch update has finished, or acknowledge that a system reboot is required.
  • Press Tab to navigate to the Quit option and press Enter to exit YaST.
  • Depending on the updates that were installed, you might need to reboot the instance.
sudo reboot

8.    Start xrdp and configure xrdp for automatic startup.

sudo systemctl start xrdp
sudo systemctl enable xrdp

9.    Temporarily gain root privileges and change the password for the ec2-user account to a complex password to enhance security. Press the Enter key after typing the command sudo passwd ec2-user, and you will be prompted to enter the new password twice.

sudo passwd ec2-user

10.   Enable VNC remote login.

  • Run the YaST configuration management software.
sudo yast
  • Select the Network Services module.
  • Select the Remote Administration (VNC) option and press Enter.
  • Select and enable the option Allow Remote Administration with Session Management.
  • Press Tab to navigate to the Firewall Settings for SuSEfirewall2 and enable the option to Open Port in Firewall if the firewall is enabled.
  • Press Tab to navigate to the OK option and press Enter.
  • Press Enter if prompted to install any required packages.
  • Press Tab to navigate to the Quit option and press Enter to exit YaST.

11.   On Windows, open the Remote Desktop Connection client (mstsc.exe) and modify the default value for Colors located under the Display tab. Change this value from "Highest Quality (32 bit)" to a different value such as "High Color (16 bit)". Then paste the fully qualified name of your Amazon EC2 instance as the value for Computer located on the General tab, and choose Connect.

12.   When prompted to Login, enter the username ec2-user with the new password that you created in step 9. Choose OK to connect to the desktop of your instance.

Important: Because the default user account can gain administrative rights to your instance, consider creating a less privileged user account with a strong password for remotely accessing the instance. For more information, see How do I add new user accounts with SSH access to my Amazon EC2 Linux instance? Because you are enabling password authentication for your instance, you might also consider renaming the default user account to something other than 'ec2-user', which is the default user account for all EC2 Linux instances running openSUSE Leap.


Did this page help you? Yes | No

Back to the AWS Support Knowledge Center

Need help? Visit the AWS Support Center.

Published: 2017-09-29