By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Port 22 Operation Timeout on an instance that YESTERDAY was working perfectly. I have changed nothing.

0

Hello, I'm quite frustrated with the situation I'm facing.

Yesterday I had an EC2 instance set up for a Django application (python). I was able to SSH into it, made the necessary connections to the RDS, accessed the system through the public IP and DNS, and it was working perfectly.

This morning, I turned on my computer, tried to SSH to update git, and I'm getting a Port 22: Operation Timeout.

I have other instances in the same VPC that are working without any issues.

The rules, which I haven't modified, are as follows: Inbound: 22 TCP 0.0.0.0/0 443 TCP 0.0.0.0/0 80 TCP 0.0.0.0/0 8000 TCP 0.0.0.0/0 Outbound: All All 0.0.0.0/0 (I have two more for the connection to the relevant RDS, but I understand they shouldn't be a problem because everything is open.)

I also can't access through EC2 Instance Connect.

I want to emphasize that since last night when I left everything working, I haven't changed absolutely anything, and nobody has updated anything. I've compared the rules and the data of the EC2 instance with the other instances that do work for me, and everything is the same.

Please, I need to fix this in order to progress with the development of my application.

I tried rebooting and stopping and starting the instance. The NACL that is the same of the other instances, is already well configured. The same happens with de VPC settings.

I can SSH everything except this instance. TODAY. Yesterday I was able...

Topics
Compute
Tags
Amazon EC2
Language
English
Polfg
asked 6 months ago216 views
2 Answers
0

Hello.

Is the public IP address of your EC2 instance the same as the one you used yesterday?
The public IP address of an EC2 instance changes when you stop and restart it, unless you are using an Elastic IP address.
https://repost.aws/knowledge-center/ec2-recover-ip-address

If you still cannot connect, please check the logs by following the steps in the document below.
There may be some errors in the log.
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-console.html#instance-console-console-output

profile picture
EXPERT
Riku_Kobayashi
answered 6 months ago
  • Polfg
    6 months ago

    Hi, thank you for the answer. Yes, I've doubel checked the IPs every time I did something with the instance and I'm trying always with the last IP assinged.

    Here are the logs:

    UEFI firmware (version built at 09:00:00 on Nov 1 2018) [=3h[=3h[=3hGRUB_FORCE_PARTUUID set, attempting initrdless boot.

    EFI stub: Booting Linux Kernel... EFI stub: Generating empty DTB EFI stub: Exiting boot services... [ 0.000000] Booting Linux on physical CPU 0x0000000000 [0x413fd0c1] [ 0.000000] Linux version 6.2.0-1015-aws (buildd@bos01-arm64-006) (aarch64-linux-gnu-gcc-11 (Ubuntu 11.4.0-1ubuntu122.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.38) #1522.04.1-Ubuntu SMP Fri Oct 6 23:21:18 UTC 2023 (Ubuntu 6.2.0-1015.15~22.04.1-aws 6.2.16) [ 0.000000] efi: EFI v2.70 by EDK II [ 0.000000] efi: SMBIOS=0x7bed0000 SMBIOS 3.0=0x7beb0000 ACPI=0x786e0000 ACPI 2.0=0x786e0014 MEMATTR=0x7a776018 MOKvar=0x7be90000 RNG=0x71bf0018 MEMRESERVE=0x78566298 [ 0.000000] random: crng init done [ 0.000000] secureboot: Secure boot disabled [ 0.000000] ACPI: Early table checksum verification disabled [ 0.000000] ACPI: RSDP 0x00000000786E0014 000024 (v02 AMAZON) [ 0.000000] ACPI: XSDT 0x00000000786D00E8 000064 (v01 AMAZON AMZNFACP 00000001 01000013) [ 0.000000] ACPI: FACP 0x00000000786B0000 000114 (v06 AMAZON AMZNFACP 00000001 AMZN 00000001) [ 0.000000] ACPI: DSDT 0x000000007

0

What are the CloudWatch metrics for the EC2-Instance? Any abnormalities?

Having your port 22 inbound sec group open to 0.0.0.0/0 makes it vulnerable to botnets or other bad actors (even if it was a single day). For safety I would go ahead and terminate this machine now because the gates were already open. Create a new sec group to your IP address or to an SSH box and then create a new EC2-Instance with this security group.

profile pictureAWS
EXPERT
David
answered 6 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content