instances not connecting via ssh

0

I have been having issues with SSH-ing into my free tier EC2 instance. I firstly thought it could be an issue with my key_pairs but then tried ssh-a screenshot of the error code from terminal from the AWS console and got errors still. Please help with possible issues to look into. Or is this error from the AWS end? error page when trying to get in from aws console

additional img after first answer

ec2 and Sg img Sg inbound cidr image Ec2 image

2 Answers
2
Accepted Answer

It seems you're trying to SSH to your instances over the internet. In order to support this you need to ensure your EC2s are in a Public Subnet and they have a public IP. A public Subnet has a default route of 0.0.0.0/0 to the Internet Gateway.

The other requirement is in your security group assigned to the EC2: it must allow access on port 22 from your **Public** IP address.

The last thing is the NACL on the subnet needs to allow inbound and return traffic to the EC2 instance.

Please check all the above.

Also, strange it's reporting a hostname error on an IPv4 address. Can you try PuTTY to rule out your SSH client?

EXPERT
answered 4 months ago
  • Thanks for the swift reply. I checked with the subnet and it's good. Also I just did a recheck of both the security group rules as well as the network ACL as advised and they check out good also, and they are associated with the subnet which is associated with the EC2 instance.

    Added additional images to show this.

  • You're welcome Nik. The screenshots look good. I know you haven't sent ones of SG and EC2s but just double check. I'd be interested to know what CIDR you used on the INBOUND rule on the EC2 SG.

  • Thanks again Gary, and yes I double checked again. I don't mind sharing my logon details with you in a more secured space since you are an expert in this. Also added the images for the EC2 and Ecs SG as requested.

  • I just SSH'd to your EC2; I don't have a problem from my PC. Double check you're using the CORRECT IP address, as your latest screenshot of the EC2 shows it's different than what you're trying. Public IPs change if you stop and start an EC2 or redeploy them if not using an Elastic IP.

  • If you're able to connect, check the sshd logs for attempted access.
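The three checks from the accepted answer (default route to an internet gateway, security group ingress on port 22, NACL inbound and return traffic), as an added example that is not part of the original thread. The function names are hypothetical, the data is constructed in the shape returned by the EC2 describe-route-tables, describe-security-groups and describe-network-acls calls, and only IPv4 rules are evaluated.

```python
import ipaddress

def sg_allows_ssh(ip_permissions, client_ip):
    """Security groups are stateful: one matching ingress rule for TCP/22 is enough."""
    client = ipaddress.ip_address(client_ip)
    for perm in ip_permissions:
        proto = perm["IpProtocol"]
        if proto == "-1" or (proto == "tcp" and perm["FromPort"] <= 22 <= perm["ToPort"]):
            if any(client in ipaddress.ip_network(r["CidrIp"]) for r in perm.get("IpRanges", [])):
                return True
    return False

def nacl_allows(entries, egress, client_ip, port):
    """NACLs are stateless: the lowest-numbered matching rule decides, per direction."""
    client = ipaddress.ip_address(client_ip)
    rules = sorted((e for e in entries if e["Egress"] == egress and "CidrBlock" in e),
                   key=lambda e: e["RuleNumber"])
    for e in rules:
        if e["Protocol"] not in ("6", "-1") or client not in ipaddress.ip_network(e["CidrBlock"]):
            continue  # not TCP/all-traffic, or the rule does not cover this client
        pr = e.get("PortRange")
        if pr and not pr["From"] <= port <= pr["To"]:
            continue
        return e["RuleAction"] == "allow"
    return False  # no rule matched

def diagnose(routes, sg_perms, nacl_entries, client_ip, client_port):
    """Return the failed checks; an empty list means the SSH path is open."""
    igw = any(r.get("DestinationCidrBlock") == "0.0.0.0/0" and
              r.get("GatewayId", "").startswith("igw-") for r in routes)
    checks = [
        ("route: no 0.0.0.0/0 route to an internet gateway", igw),
        ("sg: no ingress rule for tcp/22 from client", sg_allows_ssh(sg_perms, client_ip)),
        ("nacl: inbound tcp/22 denied", nacl_allows(nacl_entries, False, client_ip, 22)),
        ("nacl: outbound return traffic denied", nacl_allows(nacl_entries, True, client_ip, client_port)),
    ]
    return [msg for msg, ok in checks if not ok]

# Constructed sample data (not taken from the thread's screenshots).
CLIENT = "203.0.113.10"
ROUTES = [{"DestinationCidrBlock": "172.31.0.0/16", "GatewayId": "local"},
          {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example"}]
SG = [{"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "203.0.113.10/32"}]}]
DENY_ALL = [{"RuleNumber": 32767, "Protocol": "-1", "RuleAction": "deny", "Egress": eg,
             "CidrBlock": "0.0.0.0/0"} for eg in (False, True)]
NACL_BAD = DENY_ALL + [{"RuleNumber": 100, "Protocol": "6", "RuleAction": "allow", "Egress": False,
                        "CidrBlock": "0.0.0.0/0", "PortRange": {"From": 22, "To": 22}}]
NACL_OK = NACL_BAD + [{"RuleNumber": 100, "Protocol": "6", "RuleAction": "allow", "Egress": True,
                       "CidrBlock": "0.0.0.0/0", "PortRange": {"From": 1024, "To": 65535}}]
```

With `NACL_BAD` the inbound rule passes but the reply from port 22 to the client's ephemeral port is dropped, which looks like a timeout from the client side even though the security group is correct.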

2

The SSH command in your screenshot has an error, it has ec2user@ appearing twice: `ssh -i ~/.ssh/instance_keypair ec2-user@ec2-user@54.219.48.250` (there should only be one occurrence).

This might be why there is a problem with DNS resolution. The IP address itself looks fine, and is resolving to an EC2 instance in the Northern California region (which sounds like it is correct):

$ nslookup 54.219.48.250
250.48.219.54.in-addr.arpa      name = ec2-54-219-48-250.us-west-1.compute.amazonaws.com.

You haven't aliased the SSH command in the shell have you? Confirm this with `which ssh` and `alias ssh`.

EXPERT
Steve_M
answered 4 months ago
  • Thanks for pointing that mistake out. It was corrected immediately, gave an error and still didn't work. Also I haven't aliased my ssh command; I ran that check anyway and it confirmed it wasn't altered from what it should be. But then if the error could have been from that, I should still be able to SSH using the AWS console directly, right?

    I appreciate you looking into this for me Steve.

  • It's always worth working through any of these anomalies, even if just to discount them.

    The last (at time of writing) screenshot, the one showing details of EC2 instance i-09484686f02bc7325, shows it was created from ami-04a36ed0ea76a4edd, which is Amazon Linux 2 and released within the past month. So this should come with EC2 Instance Connect installed, and you should be able to connect that way as long as the other prerequisites are met (public IP address, port 22 open) which it looks like they are.

    I can open a connection over port 22 to the IP address that's assigned to the EC2 instance in the screenshot. So I don't know why you can't.

    $ nc -vz 54.183.61.196 22
    Ncat: Version 7.93 ( https://nmap.org/ncat )
    Ncat: Connected to 54.183.61.196:22.
    Ncat: 0 bytes sent, 0 bytes received in 0.23 seconds.
    $
    
  • Thanks so much Steve. I am very sure now that this is an AWS error on my account, maybe some restrictions for some reasons best known to them. I tried this same configuration on another AWS account and it worked just fine. Now I don't know who to talk to to get this looked into from their end.

  • It's your account and you know it better than me, but I'm sceptical that AWS has put some kind of restriction on your account that prevents you from SSHing to EC2 instances. I can open an SSH connection to the EC2's IP address so it's a mystery why you can't.

    If you're using the default VPC it could be worth deleting and recreating it, just in case there's some modification in the setup that's messing with things: https://repost.aws/knowledge-center/deleted-default-vpc
