@rafaelff: What keys? The SSH keys? Where do you have those keys? In .ssh?

Hi I couldnt start a session without providing the keys too
Anyone had success with that?

@mattisdada: Thanks.
I've put the part I've understood to:
https://winscp.net/eng/docs/guide_amazon_ec2#ssm
Feel free to improve it :)

@martin: It would suit on that page yes :) . Short explanation on what SSM is, it's basically just a way of SSHing into a server without the need of network access, it's also possible to use it without requiring keys or passwords and it uses AWSs IAM authentication system instead. Pretty cool stuff honestly.

---

@Invigor: For my situation it was okay for the keys, but no I couldn't get it to work without providing keys. I tried skipping authentication. SSM should allow it to work without keys, but.... didn't really work for me. Got ssh errors instead. Let me know if you find a workaround

Hi guys,

I'm also trying to get this working but the only way to get a successful connection is to pass a username and the associated PPK file via the SSH > Authentication setting.

This sort of defeats the purpose of using AWS SSM if we need to main user accounts and keys to set up an SFTP connection.

I assumed that my AWS credentials would be sufficient or am I missing something?

Thanks,
Michael

mattisdada wrote:

Do you think it's worthwhile creating a small guide for this particular authentication option?

I'm not familiar with AWS SSM / Session Manager. Would that fit as a subsection to the following article (along with "Connecting to EC2 instance in VPC" section)?
https://winscp.net/eng/docs/guide_amazon_ec2

Thanks for that Martin, don't know how I missed that option!

The only other thing I had to change to get it to work was changing ' to " in the parameter list. For whatever reason it doesn't like it.

Do you think it's worthwhile creating a small guide for this particular authentication option?

Was my final proxy string

You probably have to turn on "Do DNS name lookup at proxy end".
Also if they recommend starting the aws via powershell.exe (though I have no idea why), then you should do the same in WinSCP.
If none of this help, please post a session log file.

I'm trying to hook up WinSCP and AWS SSM / Session Manager. But I cannot get it to work with current tooling... :(

My attempt was to use Advanced > Proxy. Specify proxy as local and use the following proxy command:


But it appears as if WinSCP doesn't even get to that stage as it first looks for host (which is an AWS instance ID, not a valid host normally ie i-02633e980a031c37f.

AWS SSM would normally recommend to use .ssh/config with the following config:


Any help would be appreciated or if native support for this feature was added in, that'd be great :)