How to Setup SSH Connections to AWS CodeCommit Repositories

Note: You must have attached AWSCodeCommitFullAccess policy in your account.

1. Open terminal then run command to generate a new SSH key

$ ssh-keygen

You should see something like this:

Generating public/private rsa key pair.
Enter file in which to save the key (/home/user-name/.ssh/id_rsa): <Just press enter>

Enter passphrase (empty for no passphrase): <Just press enter>
Enter same passphrase again: <Just press enter>

Your identification has been saved in /home/user-name/.ssh/id_rsa.
Your public key has been saved in /home/user-name/.ssh/id_rsa.pub.
The key fingerprint is:
45:63:d5:99:0e:99:73:50:5e:d4:b3:2d:86:4a:2c:14 user-name@client-name
The key's randomart image is:
+--[ RSA 2048]----+
|        E.+.o*.++|
|        .o .=.=o.|
|       . ..  *. +|
|        ..o . +..|
|        So . . . |
|          .      |
|                 |
|                 |
|                 |
+-----------------+

This generates:

  • The id_rsa file, which is the private key file.
  • The id_rsa.pub file, which is the public key file.

2. Copy the SSH key to your clipboard

Using xclip:

$ sudo apt-get install xclip

Downloads and installs xclip. If you don’t have apt-get, you might need to use another installer (like yum)

$ xclip -sel clip < ~/.ssh/id_rsa.pub

Copies the contents of the id_rsa.pub file to your clipboard

Manual copy

Go to your ssh folder directory

 $ cd ~/.ssh

Copy contents of id_rsa.pub file

ssh-rsa EXAMPLE-AfICCQD6m7oRw0uXOjANBgkqhkiG9w0BAQUFADCBiDELMAkGA1UEBhMCVVMxCzAJB
gNVBAgTAldBMRAwDgYDVQQHEwdTZWF0dGxlMQ8wDQYDVQQKEwZBbWF6b24xFDASBgNVBAsTC0lBTSBDb2
5zb2xlMRIwEAYDVQQDEwlUZXN0Q2lsYWMxHzAdBgkqhkiG9w0BCQEWEG5vb25lQGFtYXpvbi5jb20wHhc
NMTEwNDI1MjA0NTIxWhcNMTIwNDI0MjA0NTIxWjCBiDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAldBMRAw
DgYDVQQHEwdTZWF0dGxlMQ8wDQYDVQQKEwZBbWF6b24xFDAS=EXAMPLE user-name@ip-192-0-2-137

3. Sign in to the AWS Management Console and open the IAM console

4. In the navigation pane of IAM Console, choose Users, and from the list of users, choose your IAM user.

5. Click the Security Credentials tab on the users details page and then click Upload SSH public key.

6. Copy or save the information in SSH Key ID

For example: APKAEIBAERJR2EXAMPLE

7. On your local machine, use a text editor to create a config file in the ~/.ssh directory.

8. Add the following lines to your config file, where the value for User is the SSH key ID you copied earlier:

Host git-codecommit.*.amazonaws.com
  User APKAEIBAERJR2EXAMPLE
  IdentityFile ~/.ssh/codecommit_rsa

Save and Close file

9. Change the permissions for your config file.

$ chmod 600 config

10. Test your SSH configuration.

$ ssh git-codecommit.us-east-2.amazonaws.com

You will be asked to confirm the connection because git-codecommit.us-east-2.amazonaws.com is not yet included in your known hosts file. The AWS CodeCommit server fingerprint is displayed as part of the verification.

You have successfully authenticated over SSH. You can use Git to interact with AWS CodeCommit. Interactive shells are not supported.Connection to git-codecommit.us-east-2.amazonaws.com closed by remote host.
Connection to git-codecommit.us-east-2.amazonaws.com closed.

After you have confirmed the connection, you should see confirmation that you have added the server to your known hosts file and a successful connection message.