Port 22 Operation Timeout on an instance that YESTERDAY was working perfectly. I have changed nothing.

0

Hello, I'm quite frustrated with the situation I'm facing.

Yesterday I had an EC2 instance set up for a Django application (python). I was able to SSH into it, made the necessary connections to the RDS, accessed the system through the public IP and DNS, and it was working perfectly.

This morning, I turned on my computer, tried to SSH to update git, and I'm getting a Port 22: Operation Timeout.

I have other instances in the same VPC that are working without any issues.

The rules, which I haven't modified, are as follows:

Inbound:
22 TCP 0.0.0.0/0
443 TCP 0.0.0.0/0
80 TCP 0.0.0.0/0
8000 TCP 0.0.0.0/0

Outbound:
All All 0.0.0.0/0

(I have two more for the connection to the relevant RDS, but I understand they shouldn't be a problem because everything is open.)

I also can't access through EC2 Instance Connect.

I want to emphasize that since last night when I left everything working, I haven't changed absolutely anything, and nobody has updated anything. I've compared the rules and the data of the EC2 instance with the other instances that do work for me, and everything is the same.

Please, I need to fix this in order to progress with the development of my application.

I tried rebooting and stopping and starting the instance. The NACL, which is the same as that of the other instances, is already well configured. The same goes for the VPC settings.

I can SSH into everything except this instance. TODAY. Yesterday I was able...

Polfg
Asked 6 months ago, viewed 230 times
2 Answers
0

Hello.

Is the public IP address of your EC2 instance the same as the one you used yesterday?
The public IP address of an EC2 instance changes when you stop and restart it, unless you are using an Elastic IP address.
https://repost.aws/knowledge-center/ec2-recover-ip-address

If you still cannot connect, please check the logs by following the steps in the document below.
There may be some errors in the log.
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-console.html#instance-console-console-output

Expert
Answered 6 months ago
  • Hi, thank you for the answer. Yes, I've double-checked the IPs every time I did something with the instance, and I'm always trying with the last IP assigned.

    Here are the logs:

    UEFI firmware (version built at 09:00:00 on Nov 1 2018)
    GRUB_FORCE_PARTUUID set, attempting initrdless boot.
    EFI stub: Booting Linux Kernel...
    EFI stub: Generating empty DTB
    EFI stub: Exiting boot services...
    [ 0.000000] Booting Linux on physical CPU 0x0000000000 [0x413fd0c1]
    [ 0.000000] Linux version 6.2.0-1015-aws (buildd@bos01-arm64-006) (aarch64-linux-gnu-gcc-11 (Ubuntu 11.4.0-1ubuntu122.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.38) #1522.04.1-Ubuntu SMP Fri Oct 6 23:21:18 UTC 2023 (Ubuntu 6.2.0-1015.15~22.04.1-aws 6.2.16)
    [ 0.000000] efi: EFI v2.70 by EDK II
    [ 0.000000] efi: SMBIOS=0x7bed0000 SMBIOS 3.0=0x7beb0000 ACPI=0x786e0000 ACPI 2.0=0x786e0014 MEMATTR=0x7a776018 MOKvar=0x7be90000 RNG=0x71bf0018 MEMRESERVE=0x78566298
    [ 0.000000] random: crng init done
    [ 0.000000] secureboot: Secure boot disabled
    [ 0.000000] ACPI: Early table checksum verification disabled
    [ 0.000000] ACPI: RSDP 0x00000000786E0014 000024 (v02 AMAZON)
    [ 0.000000] ACPI: XSDT 0x00000000786D00E8 000064 (v01 AMAZON AMZNFACP 00000001 01000013)
    [ 0.000000] ACPI: FACP 0x00000000786B0000 000114 (v06 AMAZON AMZNFACP 00000001 AMZN 00000001)
    [ 0.000000] ACPI: DSDT 0x000000007

0

What are the CloudWatch metrics for the EC2-Instance? Any abnormalities?

Having your port 22 inbound sec group open to 0.0.0.0/0 makes it vulnerable to botnets or other bad actors (even if it was a single day). For safety I would go ahead and terminate this machine now because the gates were already open. Create a new sec group to your IP address or to an SSH box and then create a new EC2-Instance with this security group.

AWS
Expert
David
Answered 6 months ago
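
Added example, not part of either answer or of AWS's own code: a check for the condition the second answer warns about, an inbound rule that exposes SSH to the whole internet. It assumes the rule dictionaries follow the `IpPermissions` shape of the EC2 DescribeSecurityGroups response; the sample group, its placeholder id and the `ADMIN_PORTS` table are constructed for illustration.

```python
import ipaddress

# Constructed sample in the shape of EC2 DescribeSecurityGroups output;
# the rules mirror the inbound list posted in the question.
SAMPLE_GROUP = {
    "GroupId": "sg-EXAMPLE",  # placeholder, not a real id
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": p, "ToPort": p,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}
        for p in (22, 443, 80, 8000)
    ],
}

ADMIN_PORTS = {22: "SSH"}  # assumption: only SSH is treated as an admin port


def covers(rule, port):
    """True if the rule's protocol and port range include the TCP port."""
    proto = rule.get("IpProtocol")
    if proto == "-1":  # "-1" means all protocols and all ports
        return True
    if proto != "tcp":
        return False
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)


def is_world_open(cidr):
    """True for 0.0.0.0/0, ::/0 and any other zero-length prefix."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def audit(group):
    """Return (group_id, port, service, cidr) for each world-open admin rule."""
    findings = []
    for rule in group.get("IpPermissions", []):
        cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
        for port, service in ADMIN_PORTS.items():
            if not covers(rule, port):
                continue
            findings += [(group["GroupId"], port, service, c)
                         for c in cidrs if is_world_open(c)]
    return findings


if __name__ == "__main__":
    for gid, port, service, cidr in audit(SAMPLE_GROUP):
        print(f"{gid}: {service} ({port}/tcp) reachable from {cidr}")
```

A rule scoped to a single address (for example a `/32` for your own IP or an SSH bastion) produces no finding, while port ranges and all-protocol rules that include port 22 are still caught.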
