Unable to SSH to the ubuntu managed node using instance-id

0

Dear all, I set up the session manager correctly a while ago. I was able to connect to my ubuntu-managed node through:

  • the System Manager Console
  • the AWS CLI ( Session manager Plugin is installed on my local Mac)
  • SSH using instance-id instead of host public IP I need the last one because I also need to transfer files between my local and the managed nodes. But after a few months, today I tried to connect using ssh:

ssh -i :path/to/file.pem ubuntu@{instance-id} But I'm not able to connect using ssh anymore ssh: Could not resolve hostname {instance-id}: nodename nor servname provided, or not known

The other starting session methods still work very fine and I am also able to SSH to the server using the host IP.

OS Version: Ubuntu 18.04.4 LTS

amazon-ssm-agent: 3.1.1188.0

Local AWS CLI: aws-cli/2.4.28 Python/3.8.8 Darwin/21.5.0 exe/x86_64 prompt/off

session-manager-plugin 1.2.295.0

Any help is really appreciated Regards Hamed.

  • Hello,

    Is there a chance that your instance was stopped at some point then you restarted it? Was it attached to an ElasticIP before stopping it? It could be that you IP address changed after starting your instance.

已提問 2 年前檢視次數 766 次
2 個答案
1
已接受的答案

It appears that ssh is trying to resolve the instance id instead of starting the proxy command from ~/.ssh/config file. To allow SSH connections through Session Manager, the ssh configuration file must have a proxy command that starts a Session Manager session and transfer all data through the connection. Make sure that ssh config file for the logged in user ( in your Ubuntu machine) has following entry in it.

$ cat ~/.ssh/config

# SSH over Session Manager
host i-* mi-*
    ProxyCommand sh -c "aws ssm start-session --target %h --document-name AWS-StartSSHSession --parameters 'portNumber=%p'"

For more details, refer to the following documentation.

https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-getting-started-enable-ssh-connections.html#ssh-connections-enable

profile pictureAWS
已回答 2 年前
  • Yes, that resolved my problem. Actually, it should be configured on the local ssh configuration. Thank you. Also, the needed policy permissions were missing for the SSH connection through the session manager.

0

Here is a tool designed exactly for that purpose: https://github.com/ivoronin/ec2ssh

已回答 9 個月前

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南