AWS EC2 instance SSH Connection timed out for port 22

-


In this post I'll describe one of the connectivity issue that I faced while working with AWS EC2 instance. Below is the problem summary, cause and solution. Let's get started...

 Problem
I have created an EC2 Ubuntu Linux instance and configured the same my own. However, I have installed some container application on the same but during the work all of a sudden the SSH connection lost. Now, when I tried to get the connection again , it says-
ssh -L 5901:localhost:5901 -I ssh-key.pem ubuntu@ec2-13-xxx-xxx-139.ap-south-1.compute.amazonaws.com
connection timeout for port 22

 Cause
There could be multiple reasons of the same like, inbound rule changes for port 22, firewall turned on, Security group changes etc. In my case it was 'firewall turned on'.

 Solution
So how should I go to turn off the firewall without native ssh connection which I do over terminal/putty? The answer is through other was utilities like- 

  • Browser based SSH connection
  • AWS Systems Manager
  • .....

In my case, I have used AWS Systems manager since browser based SSH wasn't working in my machine. Following are the steps I used to connect my linux instance via AWS Systems Manager-


  1. Go to AWS Systems Manager-  https://ap-south-1.console.aws.amazon.com/systems-manager
  3. If you have not configured Systems Manager -> Click on Get Started with Systems Manager
  4. In my case I have already configured the same so I have Edit option visible there, you might been to configure the same with default options or change as per your requirement. I have configured with the defaults.
  6. Now we re ready with Systems Manager configuration.  So, in order to get SSH connection go back to  https://ap-south-1.console.aws.amazon.com/systems-manager , scroll down and find the section so called Remote Connect and Click on Explore Session Manager.
  8. Next > Click on Start Session Button
  10. Next > Select the instance and Start Session
  12. Next > a new tab will open in browser with SSH connection
So now we need to check the firewall status-
$ sudo ufw status
$ active

Since firewall is turned on so we need to disable it-
$ sudo ufw disable

Check the status again
$ sudo ufw status
$ inactive

Next > Terminate the session and take normal ssh connection from terminal and it should work now-
ssh -L 5901:localhost:5901 -I ssh-key.pem ubuntu@ec2-13-xxx-xxx-139.ap-south-1.compute.amazonaws.com                            
                                                                
Welcome to Ubuntu 18.04.4 LTS (GNU/Linux 5.3.0-1017-aws x86_64)
 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage
  System information as of Wed May 20 08:21:37 UTC 2020
  System load:  0.0                Processes:              263
  Usage of /:   85.1% of 29.02GB   Users logged in:        1
  Memory usage: 42%                IP address for eth0:    172.31.33.26
  Swap usage:   0%                 IP address for docker0: 172.17.0.1
                                                                  
  => / is using 85.1% of 29.02GB
 * MicroK8s passes 9 million downloads. Thank you to all our contributors!
                                                                  
     https://microk8s.io/
 * Canonical Livepatch is available for installation.
   - Reduce system reboots and improve kernel security. Activate at:
     https://ubuntu.com/livepatch
0 packages can be updated.
                           
0 updates are security updates.
Last login: Wed May 20 07:51:18 2020 from 157.38.98.218
ubuntu@ip-172-31-33-26:~

 That's it, our SSH connection is back now!

References-
https://aws.amazon.com/premiumsupport/knowledge-center/ec2-linux-resolve-ssh-connection-errors/
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-console.html
https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-getting-started.html
https://linuxize.com/post/how-to-disable-firewall-on-ubuntu-18-04/

Comments

  1. RajaniMay 23, 2020 at 12:48 PM

    Good Post. I like your blog. Thanks for Sharing.
    DevOps Training
    DevOps Online Training
    DevOps Training in Ameerpet

    ReplyDelete
  2. RajaniMay 26, 2020 at 12:45 PM

    Nice Blog!! It is very helpful and very informative and I really learned a lot from it.
    DevOps Training
    DevOps Online Training

    ReplyDelete
  3. AnuJuly 19, 2020 at 11:54 PM

    which is very useful to new learners and professionals DevOps Training in Bangalore | Certification | Online Training Course institute | DevOps Training in Hyderabad | Certification | Online Training Course institute | DevOps Training in Coimbatore | Certification | Online Training Course institute | DevOps Online Training | Certification | Devops Training Online

    ReplyDelete
  4. bhanu sreeeDecember 23, 2020 at 12:14 PM

    An awesome blog for the freshers. Thanks for posting this information.
    Workday Studio Training
    Workday Studio Online Training

    ReplyDelete
  5. bhanu sreeeDecember 23, 2020 at 12:25 PM

    It is amazing to visit your site. Thanks for sharing this information, this is useful to me...
    Workday Studio Online Training India
    Workday Studio Online Training Hyderabad

    ReplyDelete
  6. bhanu sreeeDecember 24, 2020 at 11:30 AM

    Thanks for sharing such a good and informative content to all of us
    Workday Training Online
    Workday Training

    ReplyDelete
  7. johniFebruary 18, 2021 at 5:40 PM

    Those guidelines additionally worked to become a good way to recognize that other people online have identical fervor like mine to grasp a great deal more around this condition. and I could assume you are an expert on this subject. Same as your blog i found another one Sell On Amazon .Actually I was looking for the same information on internet for Sell On Amazon and came across your blog. I am impressed by the information that you have on this blog. Thanks a million and please keep up the gratifying work.

    ReplyDelete
  8. RajaniApril 15, 2021 at 4:15 PM

    Nice Post. I like your blog. Thanks for Sharing.
    DevOps Training
    DevOps Online Training

    ReplyDelete
  9. krishnaNovember 3, 2021 at 3:14 PM

    This post is so usefull and informative.Keep updating with more information...
    Benefits Of AWS
    Advantages Of AWS

    ReplyDelete
  10. L GaneshFebruary 4, 2023 at 8:45 PM

    This comment has been removed by a blog administrator.

    ReplyDelete
  11. Omar SettyMarch 10, 2023 at 2:50 PM

    This comment has been removed by a blog administrator.

    ReplyDelete
  12. APTRONMarch 16, 2023 at 4:19 PM

    APTRON provides the best AWS Institute in Noida. We provide complete hands-on training and flexible class schedules with students’ time.

    ReplyDelete

Post a Comment

Popular posts from this blog

Oracle SOA Suite- Implementing Email Notification

-
Image
In this post, I am going to show how to implement email notifications in Oracle SOA Suite using BPEL process. So let's get started- Implementing email notification in Oracle SOA Suite consists of below steps: Environment- IDE- Oracle jDeveloper 11g Weblogic Server 12c Oracle SOA Suite 12c High Level Steps Keep ready email server settings. Configure & enable usermessagingdriver-email for target SOA servers via console. Setting up Email driver (usermessagingdriver-email )with email server settings via enterprise manager. Enable notifications for SOA workflows(make sure either All or EMail option is selected).. Create SOA composite application Deploy it on SOA server. Testing & done. 1. Keep ready email server settings. Keep ready your below email server settings: Outgoing Mail Server          : smtp.domain.com Outgoing Mail Server Port   : xxx Default From Address         : username@doamin.com Outgoing Username            : actualemailid@doma
Read more

Oracle SOA Suite 12c- PKIX path building failed & unable to find valid certification path to requested target

-
Image
Hi Everyone, in this blog I'll be writing one of the strange issue that has been encountered while working with a Oracle SOA composite running in Oracle IDAM environment and trying to invoke a SSL based remote service where SSL certification based exception has been thrown during the service invocation. Environment Oracle SOA Suite 12c  (HA Mode) Oracle IDAM 12c (HA Mode) Oracle Linux 7 External Web Service (SOAP Service) Problem Below is the exception thrown when trying to invoke an external webservice (SSL Based) via BPEL process- <bpelFault><faultType>0</faultType><remoteFault xmlns="http://schemas.oracle.com/bpel/extension"><part name="summary"><summary>oracle.fabric.common.FabricInvocationException: Unable to invoke endpoint URI "https://idam.uppclonline.com/soa-infra/services/default/DefaultOperationalApproval!5.12*soa_69e4734b-d8fe-4edf-b44e-e287f61c2ddf/SMSNotification%23ApprovalProcess/SMSNotification" succe
Read more

Migration of Oracle SOA Suite Composite from 11g to 12c

-
Image
Recently I have came across a scenario where I have a business requirement of  migration of Oracle SOA Suite 11g(11.1.1.7.0) to 12c(12.1.3.0). Below are the different mechanisms I have tried to do, few of them failed and one succeeded. Working in Oracle SOA Suite 11g is completely different from 12c. In 11g, we need to install the jDeveloper(11.1.1.7) then SOA extension separately to be installed either via offline file  (download available at  https://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/156082.xml ) or through jDeveloper top menu >>  Help >> Check for Updates >> SOA Extension.  While working with 12c doesn't involves such tedious job. Only single installer is required for jDeveloper/SOA/Weblogic and is available as QuickStart Installer(download available at https://www.oracle.com/technetwork/middleware/soasuite/downloads/index.html). Approach 1- Compress(Zip) SOA composite code of 11g version (11.1.1.7.0) and unzip to a differe
Read more