Configure the AL2 MATE desktop connection
The MATE desktop environment
".NET Core
"x.x
, Mono x.xx
,
PowerShell x.x
, and MATE DE pre-installed to run your .NET
applications on Amazon Linux 2 with Long Term Support (LTS).
The environment provides an intuitive graphical user interface for administering AL2 instances with minimal use of the command line. The interface uses graphical representations, such as icons, windows, toolbars, folders, wallpapers, and desktop widgets. Built-in, GUI-based tools are available to perform common tasks. For example, there are tools for adding and removing software, applying updates, organizing files, launching programs, and monitoring system health.
Important
xrdp
is the remote desktop software bundled in the AMI. By default,
xrdp
uses a self-signed TLS certificate to encrypt remote desktop
sessions. Neither Amazon nor the xrdp
maintainers recommend using
self-signed certificates in production. Instead, obtain a certificate from an
appropriate certificate authority (CA) and install it on your instances. For more
information about TLS configuration, see TLS security
layerxrdp
wiki.
Note
If you prefer to use a virtual network computing (VNC) service instead of xrdp, see
the How do I
install a GUI on my Amazon EC2 instance running AL2
Prerequisite
To run the commands shown in this topic, you must install the Amazon Command Line Interface (Amazon CLI) or Amazon Tools for Windows PowerShell, and configure your Amazon profile.
Options
-
Install the Amazon CLI – For more information, see Installing the Amazon CLI and Configuration basics in the Amazon Command Line Interface User Guide.
-
Install the Tools for Windows PowerShell – For more information, see Installing the Amazon Tools for Windows PowerShell and Shared credentials in the Amazon Tools for Windows PowerShell User Guide.
Tip
As an alternative to doing a full installation of the Amazon CLI, you can use Amazon CloudShell for a browser-based, pre-authenticated shell that launches directly from the Amazon Web Services Management Console. Check supported Amazon Web Services Regions, to make sure it's available in the region you are working in.
Configure the RDP connection
Follow these steps to set up a Remote Desktop Protocol (RDP) connection from your local machine to an AL2 instance running the MATE desktop environment.
-
To get the ID of the AMI for AL2 that includes MATE in the AMI name, you can use the describe-images
command from your local command line tool. If you have not installed the command line tools, you can perform the following query directly from an Amazon CloudShell session. For information about how to launch a shell session from CloudShell, see Getting started with Amazon CloudShell. From the Amazon EC2 console, you can find the MATE-included AMI by launching an instance, and then entering MATE
in the AMI search bar. The AL2 Quick Start with MATE pre-installed will appear in the search results.aws ec2 describe-images --filters "Name=name,Values=amzn2*MATE*" --query "Images[*].[ImageId,Name,Description]"
[ [ "ami-0123example0abc12", "amzn2-x86_64-MATEDE_DOTNET-2020.12.04", ".NET Core 5.0, Mono 6.12, PowerShell 7.1, and MATE DE pre-installed to run your .NET applications on Amazon Linux 2 with Long Term Support (LTS)." ], [ "ami-0456example0def34", "amzn2-x86_64-MATEDE_DOTNET-2020.04.14", "Amazon Linux 2 with .Net Core, PowerShell, Mono, and MATE Desktop Environment" ] ]
Choose the AMI that is appropriate for your use.
-
Launch an EC2 instance with the AMI that you located in the previous step. Configure the security group to allow for inbound TCP traffic to port 3389. For more information about configuring security groups, see Security groups for your VPC. This configuration enables you to use an RDP client to connect to the instance.
-
Connect to the instance using SSH.
-
Update the software and kernel on the instance.
[ec2-user ~]$
sudo yum updateAfter the update completes, reboot the instance to ensure that it is using the latest packages and libraries from the update; kernel updates are not loaded until a reboot occurs.
[ec2-user ~]$
sudo reboot -
Reconnect to the instance and run the following command on your Linux instance to set the password for
ec2-user
.[ec2-user ~]$
sudo passwd ec2-user -
Install the certificate and key.
If you already have a certificate and key, copy them to the
/etc/xrdp/
directory as follows:-
Certificate —
/etc/xrdp/cert.pem
-
Key —
/etc/xrdp/key.pem
If you do not have a certificate and key, use the following command to generate them in the
/etc/xrdp
directory.$
sudo openssl req -x509 -sha384 -newkey rsa:3072 -nodes -keyout /etc/xrdp/key.pem -out /etc/xrdp/cert.pem -days 365Note
This command generates a certificate that is valid for 365 days.
-
-
Open an RDP client on the computer from which you will connect to the instance (for example, Remote Desktop Connection on a computer running Microsoft Windows). Enter
ec2-user
as the user name and enter the password that you set in the previous step.
To disable xrdp
on your Amazon EC2 instance
You can disable xrdp
at any time by running one of the following
commands on your Linux instance. The following commands do not impact your ability
to use MATE using an X11 server.
[ec2-user ~]$
sudo systemctl disable xrdp
[ec2-user ~]$
sudo systemctl stop xrdp
To enable xrdp
on your Amazon EC2 instance
To re-enable xrdp
so that you can connect to your AL2 instance
running the MATE desktop environment, run one of the following commands on your
Linux instance.
[ec2-user ~]$
sudo systemctl enable xrdp
[ec2-user ~]$
sudo systemctl start xrdp