Unable to connect to amazon EC2 instance via PuTTY



We have one ubuntu instance IP is

EC2/Putty & SFTP iunable to connect

We have to check many documents but not figure out what exactly happens.

AWS Ec2 connect below issue is coming.

Failed to connect to your instance EC2 Instance Connect is unable to connect to your instance. Ensure your instance network settings are configured correctly for EC2 Instance Connect. For more information, see Set up EC2 Instance Connect at https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-connect-set-up.html.

  • Can you provide a little more information about your EC2 instance and network setup? What AMI did you use to launch your EC2 instance (or at least what OS is it running)? How do you have your security group for the EC2 instances you're trying to connect to configured? Are you trying to use Instance Connect via the EC2 console, the CLI, or an SSH client?

4 Answers

There is an AWS Premium Support article that can be helpful to troubleshoot - https://aws.amazon.com/premiumsupport/knowledge-center/ec2-linux-ssh-troubleshooting/

If you still can't figure out, also take a look at this - https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesConnecting.html

Also additional information that Miguel has pointed out will help us guide you better on what the issue might be. Definitely check that the security group on the EC2 machine allows ssh connection from your machine. If you are connecting over VPN your IP address as seen by EC2 may not be the same as what https://www.whatsmyip.org/ shows.

profile pictureAWS
answered a year ago

I will try this but not fix my issue let me know which security rule i will show so you can know better

answered a year ago

if instance is created using ami, then you should check the user name associated with the ami for ssh root user doesent work for such ec2s sometimes.

answered a year ago

According to the Setup Documentation for EC2 Instance Connect, there are three key steps (plus an optional one to install a client on your local machine, which I'm ignoring here given your context). These steps are:

  1. Network Access
  2. EC2 Instance Connect Agent (already installed on Ubuntu images after 16.04)
  3. IAM

EC2 Instance Connect uses SSH on TCP port 22 to connect to your instance. You can use the the Reachability Analyser to check access to port 22 from your source addresses, or the VPC flow logging to look for Deny statements around TCP port 22.

If your AMI is an Ubuntu 16.04 server or later supplied by Canonical, then you already have the agent installed. If it's not, it's worth making sure you've followed the steps in the setup document to get the agent installed.

The last thing you need to look at, from a setup perspective is to make sure you have IAM set up properly. Your user needs an IAM policy attaching to it which allows the "ec2-instance-connect:SendSSHPublicKey" action. In the above linked document, there are samples for allowing this on a specific group of instances, or for allowing based on specific instance Tags - customise to your specific use case.

One other thing to consider is that Ubuntu images use the username "ubuntu" to login, where Amazon Linux 2 images use "ec2" as the username, so make sure you're logging in with the right username! Good luck!

profile pictureAWS
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions