Navigation

AWS SSH Troubleshooting

Created On
Last Updated On
byeditor
Print
You are here:
< All Topics

SSH Troubleshooting with EC2 Instances

 

Connection timeout

 

Connection timeout error means there is a security group issue. Any timeout (not just for SSH) is related to security groups or firewall issues.

 

Make sure your security group is correctly assigned to your EC2 instance and allows inbound connections from all IPs or the IP you are trying to connect from on port SSH 22.

If you still cannot connect receiving a time out message, then this means a firewall is blocking the connection.

 

So this will need to be modified first.

 

If SSH does not work on Windows and replies with “ssh command not found” then you need to use or install Putty

 

 

SSH Connection refused

 

If you get “connection refused” this means the instance is reachable, but no SSH client service is running on the instance

 

Try to restart the instance and if SSH still does not work, terminate the instance and create a new one. Make sure you’re using Amazon Linux 2 for the EC2 instance.

 

 

SSH Permission denied

 

If you get “Permission denied (publickey,gssapi-keyex,gssapi-with-mic)”

 

This means you are either trying to use the wrong security key or else not using a security key at all. Check the EC2 instance configuration to ensure you have assigned the correct key to it.

Alternatively permission refused can happen if you are using the wrong user. Check that you have started an Amazon Linux 2 EC2 instance, and ensure you are using the user ec2-user. This is speficied as ec2-user@<public-ip> (ex: ec2-user@35.180.242.162) in your SSH command.

 

As a workaround you can connect to the instance by using EC2 Instance Connect.

 

 

Cannot connect – EC2 Instance IP Changed

 

If you could connect yesterday, but not today then this can be because you have stopped your EC2 instance and then started it again today.

 

When you restart an EC2 instance, the public IP of that EC2 instance changes.

 

Be sure that you are trying to connect using the correct current public IP for the instance.

 

 

EC2 Instance Connect Workaround

 

You can access your EC2 instance using AWS EC2 Instance Connect as a workaround while you fix the problem.

 

 

 

 

 

 

 

 

 

Table of Contents