How Can We Help?

AWS SSH Troubleshooting

You are here:
< All Topics

SSH Troubleshooting with EC2 Instances


Connection timeout


Connection timeout error means there is a security group issue. Any timeout (not just for SSH) is related to security groups or firewall issues.


Make sure your security group is correctly assigned to your EC2 instance and allows inbound connections from all IPs or the IP you are trying to connect from on port SSH 22.

If you still cannot connect receiving a time out message, then this means a firewall is blocking the connection.


So this will need to be modified first.


If SSH does not work on Windows and replies with “ssh command not found” then you need to use or install Putty



SSH Connection refused


If you get “connection refused” this means the instance is reachable, but no SSH client service is running on the instance


Try to restart the instance and if SSH still does not work, terminate the instance and create a new one. Make sure you’re using Amazon Linux 2 for the EC2 instance.



SSH Permission denied


If you get “Permission denied (publickey,gssapi-keyex,gssapi-with-mic)”


This means you are either trying to use the wrong security key or else not using a security key at all. Check the EC2 instance configuration to ensure you have assigned the correct key to it.

Alternatively permission refused can happen if you are using the wrong user. Check that you have started an Amazon Linux 2 EC2 instance, and ensure you are using the user ec2-user. This is speficied as ec2-user@<public-ip> (ex: ec2-user@ in your SSH command.


As a workaround you can connect to the instance by using EC2 Instance Connect.



Cannot connect – EC2 Instance IP Changed


If you could connect yesterday, but not today then this can be because you have stopped your EC2 instance and then started it again today.


When you restart an EC2 instance, the public IP of that EC2 instance changes.


Be sure that you are trying to connect using the correct current public IP for the instance.



EC2 Instance Connect Workaround


You can access your EC2 instance using AWS EC2 Instance Connect as a workaround while you fix the problem.










Table of Contents