0

Hi thanks for reading,

I usually connect to my instance no problem. For example:

mymac:~ ssh i- path/to/my/key.pem ubuntu@ec2-really-long-public-dns

This worked yesterday, however today the same command does not work. I always update IPv4 in my security group to allow SSH on port 22 with my public IPv4 .

mymac:~ curl ifconfig.me

I also update my CNAME and A record file so that the website is accessible online.

However despite the instance domain is online on the internet. When i open my security group to accept traffic on ports 80 and 443 with my IPv4 I can access the website.

I just so not know what is going on.

When I run terminal to connect

mymac:~ ssh -vvv i- path/to/my/key.pem ubuntu@ec2-really-long-public-dns

debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to ubuntu@ec2-really-long-public-dns port 22.
ssh: connect to host ec2-really-long-public-dns port 22: Operation timed out

Any ideas? I've followed https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesConnecting.html#TroubleshootingInstancesConnectionTimeout as best as I can but no success.

Also I had another ec2 instance which i cannot set up on ssh either but did work yesterday, i am not sure what may have happened? I check my router and my network is not stopping port 22 TCP connections, no network firewall.

Nelson Canino
  • 1
  • 2
  • I understand updating your security group with your current public IP given your IP can be dynamic. What CAME / A record are you changing? Your EC2 instance should be using an elastic IP address, which never changes. The problem is most likely security group is blocking you. I just go to https://whatismyipaddress.com/ or similar to find out my IP. – Tim Jan 06 '19 at 07:46
  • I think you're right let my see what the static IPv4 is. – Nelson Canino Jan 06 '19 at 08:09
  • I am actually hosting the domain on GoDaddy but using the Amazon Web server. GoDaddy does not have a DNS, I only use the Amazon name servers to keep the domain associated with a dynamic IP that is my EC2 instance. I don't use an elastic IP with EC2 so each time a start an instance it changes the DNS. I'm thinking this might be a VPC or network issue because I just have not been able to successfully connect to the EC2. I've looked in the etc/ssh/sshd_config also etc/ssh/ssh_config files which both have the correct port 22. – Nelson Canino Jan 06 '19 at 08:14
  • I don't know what you mean "using the Amazon Web server". GoDaddy does have DNS. This really isn't making sense. You should get an elastic IP, they're free when you're instance is running, they only cost if you don't have them associated with a running instance. – Tim Jan 06 '19 at 08:44
  • Let me clear this up. I made an elastic IPv4 for my ec2 instance. I associated it correctly with my instance. I type in the IPv4 in my browser bar and my webpage shows up. My problem is connecting to the instance on terminal. A few days ago I was able to make files, and perform maintenance on my website. I connect using terminal ssh. Recently the same command does not let me connect, the response times out which is my question and problem right now, why can't i connect? I purchased the domain from godaddy and updated it with amazon name servers so that the IPv4 is handled on AWS end. – Nelson Canino Jan 09 '19 at 02:17
  • Ok, that makes more sense. If the only thing that's changed is the maintenance you did on your instance, then you may have run a command that disabled ssh or broke something else. The best options in AWS are usually 1) Use a volume snapshot to roll back to a known good point 2) Turn the instance off, create a new instance, mount this instance disk as a data disk and fix whatever the problem is. 1 is simple, 2 is complex. – Tim Jan 09 '19 at 02:19
  • I have used a volume snapshot from the instance back in August but I still get no connection. I have another instance which I also cannot connect to with the same error of a time out. I looked deep into my active connections mcbook:~ hi$ netstat -at tcp4 0 0 mcbook.59094 ec2-18-59-14-13.whois SYN_SENT I believe there is a problem with the tcp network connection, I can't seem to understand exactly what or why but I should get a response to the SYN_SENT – Nelson Canino Jan 10 '19 at 02:14
  • Security groups or NACLs is usually the answer, but it doesn't sound like that here. What happens when you create a new Amazon Linux instance in the same subnet, then try to connect to the public IP? If that doesn't work create a new VPC, leave the default open NACL, open up security groups, and try to connect. If that fails it's likely a client side issue. Also consider SSHing from another AWS instance, same subnet if you can, different VPC if you need to. – Tim Jan 10 '19 at 06:34

0 Answers0