Login/Register
SSH hangs when connecting to Amazon EC2 instance
Asked Answered
sshamazon-ec2ssh-keyspem
R

8

30

I could connect to ec2 instance with the following command, but today I couldn't connect using it.

ssh -i abcKey.pem [email protected] -v

Following is the verbose. I have opened SSH port in EC2 ( I could connect to this till yesterday)

OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to ec2-x-x-x-x.ap-southeast-1.compute.amazonaws.com [x-x-x-x] port 22.
debug1: Connection established.
debug1: identity file abcKey.pem type -1
debug1: identity file abcKey.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 pat OpenSSH_6.6.1* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
Revell answered 16/4, 2015 at 7:10 Comment(5)
have you tried using putty?Hyetography
@Altmish-E-Azam, Its not connecting via PuTTy tooRevell
make sure your host server is running? Also, If it possible to restart ssh service then do it and test.Hyetography
ps aux | grep ssh doesn't output any process, I installed some updated (ubuntu 14.04) today morning, can this be a cause to this?Revell
Stop and Start EC2 instance worked out. Don't know why.Revell
A
38

One possible problem is that the Security Group restrictions are too strict for you to be able to connect. To fix this:

  1. Go to the EC2 Management Console
  2. Click on Security Groups (in the left sidebar).
  3. Select your EC2 instance's security group.
  4. In the bottom box, click on the Inbound tab.
  5. There should be an SSH rule, make sure that it can be accessed from anywhere and that it is on the correct port (22 for SSH). Also, make sure that the protocol is TCP.
Annulate answered 1/2, 2018 at 21:49 Comment(1)
Ohh, missed out on this configuration. Thanks.Podvin
C
13

I was having the same issue. I followed what Amazon suggested in a video for handling a hanging SSH connection attempt. No dice. What worked in my case was using the following command:

ssh -i yourKeyHere.pem ec2-user@yourPublicIPHere -v

The publicIP is listed under publicIp in the EC2 management console.

Courageous answered 12/1, 2017 at 4:38 Comment(1)
I've had this problem today on cygwin and this (connecting to IP instead of domain name) resolved it.Counseloratlaw
T
8

I found I was getting stuck because my Route Table had no Internet Gateway setup.

I added an Internet Gateway, attached to my VPC, then added 0.0.0.0/0 to my Route Table targeting the Internet Gateway. This fixed this issue.

Thailand answered 7/2, 2019 at 15:59 Comment(0)
A
1

My solution

My problem was related to my VPN. Once I turned it off and waited a minute, it worked.

Details

My security group was setup to allow inbound ssh traffic from my IP address. Remember that I had my VPN on so the IP Address was from the VPN. When I did ssh -i "vpcpubhol.pem" [email protected], it seemed to do nothing. After a while it gave me this output ssh: connect to host xx.xxx.xxx.xx port 22: Operation timed out. Next

  1. I opened up the security group to allow all traffic from anywhere and I could connect.
  2. Then I narrowed it to ssh traffic from anywhere and it still worked.
  3. Then I narrowed it to ssh traffic from my IP Address (I clicked My IP under Source). It did not work.
  4. I turned off my VPN, waited about a minute, and it worked.
Asperity answered 17/7, 2023 at 0:30 Comment(0)
M
0

Mine answer is similar to colelemonz, except that I want to add some additional context. I created an EC2 instance with the default security group - accept traffic from anywhere to any port/protocol. However, ssh didn't work, even though my ec2 instance should have not have been rejecting any traffic.

The fix was to add another rule to my security group to allow ssh from anywhere on port 22. Once I did that, I was able to connect.

So, it appears the default rule is not sufficient. I don't understand why ...

Metalware answered 8/1, 2022 at 16:40 Comment(0)
M
0

The problem for me was the inbound rules in the security group. when creating the rule i have restricted it to MY-IP so i think the next day i get a new IP so i can no longer access it.

Mortality answered 2/5, 2022 at 7:56 Comment(0)
I
0

For me this was because the EC2 instance was in a private subnet on my VPC. Double check the Subnet ID in the instance summary

Intercostal answered 9/2 at 18:43 Comment(0)
M
0

Outdated IP address in security group rules?

The AWS UI often encourages using "My IP" (aka your house/office) for security group rules.

However, ISPs change your IP address every so often (weeks/months).

So you may have an outdated IP address associated with your SSH rule. That's what happened to me.

If this is the case, update the Source attribute of the rule to point to your current IPv4 address.

https://whatismyipaddress.com/

Musetta answered 25/7 at 18:58 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.