By using AWS re:Post, you agree to the Terms of Use

Can't ssh to EC2 after assigning an additional public ip(elastic ip)

0

Unable to ssh to an EC2 instance with elastic ip. Below is the actual setup of the EC2 instance,

  • Instance is running in a public subnet with a public IP address auto assigned during creation.
  • Created a secondary private ip, created an elastic ip and associated the elastic ip to the newly created private ip.
  • Now when ssh is tried, connection still works with the primary public IP. But ssh with elastic ip does not work

Instance's subnet's route table has 0.0.0.0/0 routed to Internet Gateway. Security Group has full access.

asked 9 months ago407 views
2 Answers
0

Have you configured your Operating System to recognise the new Private IP address? One of the steps on the Multiple IP Addresses help section goes over configuring the OS to recognise the new IP address.

I also found this article which goes over configuring multiple network interfaces.

Another thing to review is the interface that the SSH Daemon is bound to. It could be that SSH is only listening to the original Private interface and ignoring the second?

answered 9 months ago
0

Hi! Good question.

Does the operating system of your instance recognize the secondary IP? If your instance is Amazon Linux, it should do this for you with the ec2-net-utils package. You can also refresh the list of interfaces with a sudo service network restart and then view a list by ip addr li. If your instance is not Amazon Linux, it's slightly more complex and depends on the OS. There should be guides searchable via "configuring additional network interfaces and secondary IPv4 addresses" and also if the interfaces are in the same subnet, search "asymmetric routing rules"

Guide to associate elastic IP with a secondary private IP (IPv4): https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/MultipleIP.html#StepThreeEIP

A friendly security tip: if your instance is publicly accessible, I would recommend scoping down the inbound rules past 0/0 to either your network or more robust security controls to ensure there isn't unauthorized access to your EC2 instance.

answered 9 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions