Deploying LogonBox VM in Amazon EC2

system

Deploying the VM

In the Amazon EC2 console, from the Instances page click the Launch Instance button.

 

Click on Community AMIs on the left hand side then search for: logonbox, then select the LogonBox AMI that appears for your product.

The Self Service Password reset product will appear as logonbox-idm-<version>, the VPN product will be logonbox-wireguard-<version>

Click the Select button on the right hand side.

 

 

Select the instance type you want to use (This must be a t2.small as a minimum due to memory requirements - LogonBox requires 2GB of memory in order to run), then click Next: Configure Instance Details.

 

Next select the networking, public IP (recommended to set Auto-assign Public IP to Enable) etc that you want to use and click Review and Launch (or optionally you can click Next to manually alter the storage details and tags).

 

On Step 7: Review Instance Launch, scroll down to the Security Groups section and click Edit security groups. 

Check that you have a rule for SSH on port 22 and add a new rule for HTTPS on port 443.

Click Review and Launch.

 

Review that your settings look OK, then click Launch.

Select an existing keypair and confirm you have access to the key or generate a new one, then click Launch Instances.

Your instance will now launch.

 

Connecting to your VM

You can see your new VM in the EC2 web console (URL varies according to location but an example for west europe is https://eu-west-1.console.aws.amazon.com/ec2/v2/home?region=eu-west-1#Instances:)

Your new VM may not have a name yet, so hover over the Name field and click the edit icon (a pencil) and enter a new name.

 

You can see the public DNS name and IP of the virtual machine from this view.

 

 

Web UI

You should be able to use a web browser to connect to this DNS name or IP using https://<host>.

As this is the first time you have accessed the server, it should display the Setup Wizard. Follow this wizard to complete the initial setup of the server.

 

Once the wizard has completed, you can now log on to the server and start to configure your users and resources.

 

SSH access

Using an SSH client of your choice you can also connect to the server over SSH. Amazon instances only accept key authentication so we will need the private key you used or generated whilst creating the VM.

For this example, we will use PuTTY for Windows.

We first need to convert the private key into one that PuTTY can use. For this, we run the program puttygen.

Click Load, change the filename dropdown so that it reads All Files (*.*) then find and select the private key file (.pem file) that you created and downloaded from EC2.

Optional (but recommended): Enter a key passphrase and confirm.

Now click Save private key and save the resulting .ppk file somewhere safe.

 

Start PuTTY and enter the hostname or IP for the VM.

On the left side, expand Connection->SSH and click on Auth. Next to Private key file for authentication, click on Browse and select the ppk file already saved above.

Click on Open to connect to the SSH session.

 

When you are prompted for a username, you need to enter the product name.

For the Self Service Password Reset product, the username is: hypersocket-idm

For the VPN product, the username is: logonbox-wireguard

As we had set a password on the key, the client next prompts for the key password. When we enter the password, the login completes and we have access to the server.