Port 22 (SSH) is not authorized

0

Hello, I am new to AWS and am learning using the Management Console. I created a free tier account and added a user with administrative access. Then I logged out of the root user and logged in with my new admin account. I created an EC2 instance, with everything configured. When I try to connect to the instance with EC2 Instance Connect, I get the following error:

Port 22 (SSH) is not authorized
Port 22 (SSH) is currently not authorized by your security group. To use EC2 Instance Connect, you must authorize port 22 for the EC2 Instance Connect service IP addresses in your Region.

I looked for different solutions on Google, and also tried with ChatGPT, but nothing seems to work. Some things I did are:

  - I went to my EC2 instance's security group and edited the inbound rule for SSH to Anywhere (0.0.0.0/0)
  - I went to instance state/reboot instance
  - I logged out and back in again
  - I went to my EC2 instance's security group and edited the inbound rule for SSH to IPv4 prefix list name, as well as trying my Public IPv4 address

2 Answers
1

Hi,

I'd strongly recommend that you read https://repost.aws/knowledge-center/ec2-instance-connect-troubleshooting in full detail and follow it to fix your issue.

When you get it working for IC, you can extend to SSH from your laptop.

Best,

Didier

AWS EXPERT
answered 23 days ago
EXPERT
reviewed 23 days ago

0

I understand you're having trouble connecting to your EC2 instance using EC2 Instance Connect due to Port 22 (SSH) not being authorized. Let's go through some steps to resolve this issue:

  1. First, ensure that your security group has the correct inbound rule for SSH. The rule should allow traffic on port 22 from the EC2 Instance Connect IP range for your specific AWS region. Simply setting it to "Anywhere" (0.0.0.0/0) or your own IP address is not sufficient for EC2 Instance Connect to work properly.

  2. To find the correct IP range for EC2 Instance Connect in your region, you'll need to check the AWS documentation or use the AWS CLI to get the information.

  3. Once you have the correct IP range, modify your security group's inbound rule for SSH (port 22) to allow traffic from this specific IP range.

  4. After updating the security group, wait a few minutes for the changes to propagate.

  5. If you're still unable to connect, try rebooting your instance as you did before.

  6. Ensure that you're using the correct AWS region when attempting to connect. EC2 Instance Connect is region-specific, so make sure you're in the same region as your instance.

  7. Verify that your IAM user has the necessary permissions to use EC2 Instance Connect. The user should have the "ec2-instance-connect:SendSSHPublicKey" permission for the specific instance.

  8. If you're still experiencing issues, check if there are any VPC settings or Network ACLs that might be blocking the connection.

Remember, EC2 Instance Connect is a relatively new feature and may not be available in all regions. If you continue to have problems, you might want to consider using traditional SSH methods with a key pair as an alternative.

If none of these steps resolve your issue, it would be advisable to contact AWS Support for further assistance, as there might be account-specific or region-specific factors at play.

Sources:

  - Amazon EC2 Instance Connect now available in additional AWS Regions
  - Security Groups and Classic Ports | AWS re:Post
  - Detecting EC2 Instances Exposed to Unrestricted SSH Access | AWS re:Post

answered 24 days ago
EXPERT
reviewed 24 days ago
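
Steps 1 to 3 of the answer above, as an added example that is not part of the original post or of any AWS tool: it looks up the `EC2_INSTANCE_CONNECT` service prefix for a region in data laid out like AWS's published `ip-ranges.json`, then checks whether a security group's port 22 ingress rules cover it and whether SSH is open to the whole internet. The function names are hypothetical, and the CIDRs and rule sets are constructed samples (documentation ranges, not real AWS prefixes).

```python
import ipaddress

# Constructed sample in the layout of https://ip-ranges.amazonaws.com/ip-ranges.json
IP_RANGES = {"prefixes": [
    {"ip_prefix": "192.0.2.0/29", "region": "us-east-1", "service": "EC2_INSTANCE_CONNECT"},
    {"ip_prefix": "198.51.100.0/29", "region": "eu-west-1", "service": "EC2_INSTANCE_CONNECT"},
    {"ip_prefix": "192.0.2.0/24", "region": "us-east-1", "service": "EC2"},
]}

def _rule(cidr, proto="tcp", lo=22, hi=22):
    """Build one constructed entry in the IpPermissions shape of describe-security-groups."""
    return {"IpProtocol": proto, "FromPort": lo, "ToPort": hi, "IpRanges": [{"CidrIp": cidr}]}

SG_MY_IP = [_rule("203.0.113.7/32")]                      # only the user's own address
SG_SCOPED = [_rule("192.0.2.0/29")]                       # only the service prefix
SG_WORLD = [_rule("0.0.0.0/0"), _rule("10.0.0.0/8", lo=443, hi=443)]

def eic_prefixes(ip_ranges, region):
    """IPv4 prefixes tagged EC2_INSTANCE_CONNECT for one region."""
    return [ipaddress.ip_network(p["ip_prefix"]) for p in ip_ranges["prefixes"]
            if p["service"] == "EC2_INSTANCE_CONNECT" and p["region"] == region]

def ssh_cidrs(permissions, port=22):
    """IPv4 CIDRs allowed to reach `port`; prefix-list references are not expanded."""
    cidrs = []
    for perm in permissions:
        proto = perm.get("IpProtocol")
        if proto == "-1":                                  # "all traffic" rule
            covers = True
        elif proto == "tcp":
            covers = perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)
        else:
            covers = False
        if covers:
            cidrs += [ipaddress.ip_network(r["CidrIp"]) for r in perm.get("IpRanges", [])]
    return cidrs

def check_eic_ingress(permissions, ip_ranges, region):
    """Report which required service prefixes are not covered, and over-broad SSH exposure."""
    allowed = ssh_cidrs(permissions)
    required = eic_prefixes(ip_ranges, region)
    missing = [str(n) for n in required if not any(n.subnet_of(a) for a in allowed)]
    return {"required": [str(n) for n in required],       # empty: no prefix listed for region
            "missing": missing,
            "open_to_world": any(a.prefixlen == 0 for a in allowed)}

if __name__ == "__main__":
    for name, sg in [("my-ip", SG_MY_IP), ("scoped", SG_SCOPED), ("world", SG_WORLD)]:
        print(name, check_eic_ingress(sg, IP_RANGES, "us-east-1"))
```

To run it against a real account, load the downloaded `ip-ranges.json` and the `IpPermissions` list of the instance's security group in place of the constructed samples.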
