Shoving off with Lightsail

Lightsail is basically a stripped-down version of Amazon's EC2 cloud computing service. I've wanted to have a cloud-based instance for a while, but it seemed that the complexity of setting up EC2 just barely overcame my willingness to commit to such an endeavor. With Lightsail, I had a cloud-based Debian instance up and running in just a few clicks. As you might expect, there are a few more steps to make it really fun, so I'll go through my initial steps.

Immediately after setting up my Lightsail Debian instance, I was able to use the web-based ssh client to connect to it. But I really wanted to be able to ssh to it from my machine at home, my phone, and my Raspberry Pi. As with a native machine, the first thing you want to do is update the software.

The next thing you want to do is set up a user account for yourself. Lightsail sets up an admin account for you, but I don't recommend using that everyday.

sudo useradd <user>

Also, add this user to the sudoers group so that you can do things like install sofware and manage the instance. As I write this, the procedure is to add the following line to /etc/sudoers.d/:

<user> ALL=(ALL:ALL) ALL

Note: The first time I did this, I messed up the format and this somehow prevented anyone from using sudo. Not having the root password for the instance, this basically meant that I could no longer manage the instance. While it's possible to fix this without trashing the instance, I chose to start over.

Now that I've created my user, I want to be able to use ssh to connect to my Lightsail instance. To do this, Lightsail requires that you use a keypair stored in a .pem file. Lightsail sets up a default keypair for you and you can download it from your Account page. This works out of the box with your default user account (e.g. admin), but you'll need to set it up for use with the user account you created for yourself.

  1. Set a static IP for your instance. (optional, but recommended)
  2. Download your pem file from AWS.
  3. Run ssh-keygen -y locally and give it the path to your pem file.
  4. Back on your Lightsail instance, paste the key into .ssh/authorized_keys for your new user.

Now you should be able to ssh to your new user account from your local machine (or any machine with the pem file) with the following:

ssh -i <pemfile.pem> <user@host>

If you have a domain sitting around, you can set up DNS. This opens up some fun possibilities, but mainly makes it easier to remember your hostname.

  1. Create a DNS zone in Lightsail
  2. Update your registrar with the AWS DNS servers
  3. Add an A record to the DNS zone (I took the subdomain off and it seems to work fine)
  4. Wait for the DNS settings to propogate

Now you can log in and install and configure software (offlineimap, msmtp, mutt, weechat, pastebins, a gopher server, bookmark manager, the list goes on).

But why wouldn't you set up dynamic DNS and just connect to your machine at home?

Well, yeah, I suppose I could do that, but it probably wouldn't be as complicated or expensive, now, would it? Seriously, though, my home network isn't the most reliable and, frankly, it might actually be easier to set up a Lightsail instance. Plus, having a box in the cloud seems so badass and the network speed/latency is marvelous.