How to Connect Your AWS EC2 Instance to VS Code via SSH: Complete Step by Step Guide
By Braincuber Team
Published on March 9, 2026
We watched a junior DevOps engineer SSH into an EC2 instance via PuTTY, edit files with nano, then copy-paste the code back into VS Code to check syntax. For 3 weeks. Every single edit. That is roughly 47 hours of wasted context-switching on a workflow that takes 5 minutes to set up properly. VS Code's Remote-SSH extension lets you edit files on your EC2 instance directly from your local editor — with IntelliSense, extensions, and your entire local dev environment. This tutorial shows you exactly how.
What You'll Learn:
- How to create an EC2 instance with a key pair for SSH access
- How to set .pem file permissions on both Windows and Linux
- How to connect to EC2 via SSH from your terminal
- How to configure VS Code Remote-SSH extension for one-click access
- How to edit, debug, and run code on your EC2 instance from VS Code
Why Connect EC2 to VS Code? (Stop Using nano Over SSH)
Full IDE on Cloud Files
Edit remote files with IntelliSense, syntax highlighting, auto-complete, and every VS Code extension you already use locally. No more typing code in a bare terminal editor.
No Login Dance Every Time
Once configured, VS Code reconnects to your EC2 instance in 1 click. No PuTTY, no remembering IP addresses, no pasting SSH commands from a sticky note on your monitor.
Built-in Terminal Access
VS Code opens a terminal directly on your EC2 instance. Run npm install, git pull, systemctl commands — all from the same window where you are editing code. Zero context switching.
Works With Any Language
Java, Node.js, Python, Go, Rust — whatever runtime you install on your EC2 instance, VS Code Remote-SSH gives you full IDE support for it. Extensions install on the remote side automatically.
What You Need Before Starting
| Prerequisite | Details | Cost |
|---|---|---|
| AWS Account | Free tier gives you 750 hrs/month of t2.micro for 12 months | $0 |
| VS Code | Download from code.visualstudio.com | $0 |
| Remote-SSH Extension | Install from VS Code Extensions marketplace (by Microsoft) | $0 |
| GitHub Account | For cloning and pushing your source code | $0 |
| Basic Terminal Skills | cd, ssh, chmod — nothing advanced | $0 |
Step by Step Guide: Connect EC2 to VS Code
Create an EC2 Instance with a Key Pair
Log into AWS Console → search EC2 → Launch Instance. Pick an AMI (Amazon Machine Image) — Ubuntu or Amazon Linux 2 are the most common. Select t2.micro (free tier). Under Key pair, create a new key pair and download the .pem file. This file is your SSH key — lose it and you lose access to your instance. Save it somewhere safe (not your Downloads folder). Configure your security group to allow SSH (port 22) and click Launch.
Set Correct .pem File Permissions
SSH will refuse to connect if your .pem file has open permissions. This is the single most common error for first-timers ("WARNING: UNPROTECTED PRIVATE KEY FILE"). Fix it before you even attempt to connect.
# ---- Linux / macOS ----
chmod 400 your-key.pem
# ---- Windows (PowerShell) ----
# First, find your username:
whoami
# Then restrict permissions to your user only:
icacls "your-key.pem" /reset
icacls "your-key.pem" /grant:r "%USERNAME%:R"
icacls "your-key.pem" /inheritance:r
SSH into Your EC2 Instance from the Terminal
Open your terminal and run the SSH command using your .pem file and the EC2 instance's Public IPv4 DNS (find this in the EC2 dashboard under Instance details). If you see a success message, you are connected.
# For Ubuntu AMI:
ssh -i "path/to/your-key.pem" ubuntu@ec2-XX-XXX-XXX-XXX.region.compute.amazonaws.com
# For Amazon Linux AMI:
ssh -i "path/to/your-key.pem" ec2-user@ec2-XX-XXX-XXX-XXX.region.compute.amazonaws.com
# Breaking it down:
# ssh = starts a secure remote connection
# -i "key.pem" = specifies the private key file
# ubuntu@ = the default username (varies by AMI)
# ec2-XX-... = your instance's public IPv4 DNS address
Default Usernames by AMI
The SSH username depends on which AMI you chose: ubuntu for Ubuntu, ec2-user for Amazon Linux / RHEL, centos for CentOS, admin for Debian. Use the wrong username and SSH will reject your connection with "Permission denied." We have seen devs spend hours debugging their key pair when it was just the wrong username.
Install the Remote-SSH Extension in VS Code
Open VS Code → click the Extensions icon (or Ctrl+Shift+X) → search for "Remote - SSH" by Microsoft → click Install. This extension lets VS Code connect to remote machines over SSH and treat them as local development environments. Once installed, you will see a green double-arrow icon in the bottom-left corner of VS Code.
Configure the SSH Host in VS Code
Click the green double-arrow icon → select "Connect to Host..." → click "Add New SSH Host..." → paste your SSH command (the same one from Step 3). VS Code will ask which SSH config file to update — pick the default (~/.ssh/config). Verify the config has the correct HostName (your IPv4 DNS), User (ubuntu or ec2-user), and IdentityFile (path to your .pem file).
Host my-ec2-server
HostName ec2-XX-XXX-XXX-XXX.region.compute.amazonaws.com
User ubuntu
IdentityFile C:/Users/yourname/.ssh/your-key.pem
# After saving, click the green arrow again
# -> Connect to Host -> select "my-ec2-server"
# VS Code opens a new window connected to your EC2 instance
Open Your Project Folder and Start Coding
Once VS Code connects (you will see the IPv4 DNS in the bottom-left status bar), click File → Open Folder and navigate to your project directory on the EC2 instance. If you cloned a GitHub repo earlier, navigate to that folder. You now have full VS Code IDE access — file explorer, integrated terminal (running on EC2), Git integration, debugging, and every extension working on the remote machine. Edit, save, and your changes are live on the server instantly.
Common Errors and How to Fix Them
| Error | Cause | Fix |
|---|---|---|
| "UNPROTECTED PRIVATE KEY FILE" | .pem file has too-open permissions (other users can read it) | Run chmod 400 (Linux) or icacls commands (Windows) from Step 2 |
| "Permission denied (publickey)" | Wrong username for the AMI or wrong .pem file | Use ubuntu (Ubuntu AMI), ec2-user (Amazon Linux), or check your key pair |
| "Connection timed out" | Security group does not allow SSH (port 22) inbound | Add inbound rule: type SSH, port 22, source 0.0.0.0/0 (or your IP) |
| "Host key verification failed" | EC2 IP changed (after stop/start) but old key is cached locally | Delete old entry from ~/.ssh/known_hosts, then reconnect |
| VS Code "could not establish connection" | SSH config path or IdentityFile path has spaces or wrong slashes | Wrap paths in quotes; use forward slashes even on Windows in SSH config |
Elastic IP Warning
Every time you stop and start (not reboot) your EC2 instance, the public IP changes. Your SSH config breaks. Either allocate an Elastic IP ($0 while the instance is running) or update the HostName in ~/.ssh/config every time you restart. We have seen devs think their key pair is broken when it is just a changed IP address.
Pro Tips After You Are Connected
Elastic IP = Allocate one to keep your IP permanent across restarts ($0 while attached)
VS Code Extensions = Install language extensions on the remote side (they auto-detect)
Port Forwarding = VS Code auto-forwards ports so you can preview web apps at localhost
Git Integration = Push changes to GitHub directly from VS Code's built-in Git panel
Multiple Hosts = Add multiple EC2 instances to your SSH config and switch between them
Frequently Asked Questions
What is the Remote-SSH extension in VS Code?
Remote-SSH is a Microsoft extension for VS Code that lets you connect to any remote machine over SSH and use it as your development environment. You get full IntelliSense, file explorer, integrated terminal, and extension support on the remote server.
Why does SSH say "UNPROTECTED PRIVATE KEY FILE" when I try to connect?
Your .pem key file has permissions that are too open, meaning other users on your system could read it. SSH blocks this for security. On Linux/macOS, run chmod 400 your-key.pem. On Windows, use icacls to restrict permissions to your user only.
What username do I use for SSH on different AWS AMIs?
Ubuntu AMI uses "ubuntu", Amazon Linux and RHEL use "ec2-user", CentOS uses "centos", and Debian uses "admin". Using the wrong username causes a "Permission denied" error that looks like a key pair problem but is not.
My EC2 IP changed and VS Code cannot connect anymore. What happened?
When you stop and start (not reboot) an EC2 instance, AWS assigns a new public IP. Your SSH config still points to the old IP. Either update the HostName in ~/.ssh/config or allocate an Elastic IP to keep a permanent address.
Can I use VS Code Remote-SSH with languages other than Java?
Yes. Remote-SSH works with any language or framework installed on the EC2 instance: Node.js, Python, Go, Rust, Ruby, PHP, and more. VS Code extensions install on the remote side automatically, giving you full IDE support regardless of the stack.
Need Help Setting Up Your AWS Cloud Infrastructure?
We have configured EC2 instances, CI/CD pipelines, and cloud development environments for over 80 production applications. From SSH key management to auto-scaling groups, let us set up your AWS infrastructure the right way — so your team codes instead of debugging connection issues.