I want to copy a folder from a remote Ubuntu machine to an EC2 instance. I tried the command below on the remote Ubuntu machine:
scp -i </path/of/ec2_pemkey> -r <folder that I wanna copy> user@<ip of ec2>:/path/where/I wanna/copy
I copied my pem to the remote machine and changed its permissions with chmod 400.
error: connection timed out
The connection timeout means that your local machine is not able to reach the remote.
To debug:
Check if your remote machine authorizes traffic from port 22 (Security Group)
Check if you have the right public IP of your machine
If it was an error with your pem key or user (ubuntu), you would receive an access denied error.
From your comment, that means the IP of the machine was missing or not good.
I missed adding ip address of my remote ubuntu machine to security groups of my ec2 instance. Once done, I was able to scp from remote ubuntu to ec2 instance.
Make sure security group type is SSH which enables port 22
Related
Need to reach phpMyAdmin on an EC2 instance behind a bastion/jumpserver from local laptop.
Looking to reduce these steps into using .ssh/config. The question seeks to solve the right configurations.
When connecting to EC2 without public bastion server to jump through, this is the normal way documented which does not work in my case because our deployment uses a public facing bastion:
https://docs.bitnami.com/aws/faq/get-started/access-phpmyadmin/
When you need to jump through a public facing bastion e.g.:
Local/Laptop ------> bastion/jumpserver -----> ec2
This above reference link does not follow the same workflow and documentation is sparse.
Setting up inbound/outbound rules for this capability is also sparse.
The preference is to use .ssh/config which is setup like this:
Host bastionHostTunnel
    Hostname <publicBastionIp>
    User <bastionusername>
    ForwardAgent yes
    IdentityFile <local path to .pem file>

Host ec2Host
    Hostname <privateEC2IP>
    User <ec2 username>
    ForwardAgent yes
    IdentityFile <local path to .pem file>
    # -A Enable forwarding of the Authentication agent connection
    # -W used on older machines instead of -J to bounce through
    # %h the remote hostname
    # On Windows 10(only?) seems must call ssh.exe instead of only ssh
    ProxyCommand ssh.exe -A -W %h:22 bastionHostTunnel
I obviously left out vars in <> above - but I have them and have verified similar configuration is working for enabling SFTP as above with FileZilla.
Then in shell call this to bind port localhost:8888 (http://127.0.0.1:8888):
ssh ec2Host -D 8888
Then ought to be able to open browser and go to the following to access phpMyAdmin:
http://127.0.0.1:8888/phpmyadmin
Current issue is that this process is hanging and possibly refusing the connection. This points to either bad configuration above or incorrect inbound/outbound rules for either/both bastion and ec2 instance.
Has anyone here had similar issue and was able to solve and could share further, much appreciated. Plus any extra clues as far as debugging the overall process would help in the answer.
I'm most curious if it works if you specify everything on the command line...once you determine that works, you can start refactoring to put some aspects into .ssh/config. It's usually easier for me to find errors with my configuration if everything is on the command line, plus I don't know that I see the correct forwarding options all listed there.
Unless I'm very mistaken, you don't need any reference to the ec2 host in your SSH config file because you're using the jump machine to redirect localhost traffic there, you wouldn't directly be able to reach the ec2 host machine from your local machine using an SSH tunnel.
There are many ways to do a tunnel, but when I do this, I use a command like ssh -L 8080:destination:80 -i <keyfile> me@jumpbox. destination must be reachable from jumpbox, which I can verify by first using ssh -i <keyfile> jumpbox then, once on that machine, ssh destination. If there's a problem along the way, it's easier to debug these little steps (for instance, if I can't connect by manual ssh to jumpbox then I know the tunnel will never work).
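An added example (not from the original posts) of the tunnel described above written as ~/.ssh/config: `-D 8888` opens a SOCKS proxy rather than forwarding HTTP, so a `LocalForward` is used instead, and the bastion is traversed with `ProxyJump` so that no agent forwarding is needed. The host aliases and `<...>` placeholders are reused from the question; that phpMyAdmin listens on 127.0.0.1:80 of the EC2 host is an assumption.

```sshconfig
# Added example, not the poster's configuration.
# <...> values are placeholders carried over from the question.

Host bastionHostTunnel
    HostName <publicBastionIp>
    User <bastionusername>
    IdentityFile <local path to .pem file>
    # Offer only the key named above instead of every key in the agent.
    IdentitiesOnly yes
    # The bastion only relays TCP to the private host; it never needs
    # access to the local agent.
    ForwardAgent no

Host ec2Host
    HostName <privateEC2IP>
    User <ec2 username>
    IdentityFile <local path to .pem file>
    IdentitiesOnly yes
    ForwardAgent no
    # Reach the private address through the bastion (OpenSSH 7.3 or later).
    # Authentication to ec2Host still happens from the laptop, so the key
    # stays local.
    ProxyJump bastionHostTunnel
    # Older clients without ProxyJump can use the -W form instead
    # (ssh.exe on Windows, as noted in the question):
    # ProxyCommand ssh -W %h:%p bastionHostTunnel
    # Listen on the laptop's loopback only and forward to the web server
    # on the EC2 host (port 80 is an assumption).
    LocalForward 127.0.0.1:8888 127.0.0.1:80
    # Exit with an error if the local port cannot be bound, rather than
    # leaving a session open with no working forward.
    ExitOnForwardFailure yes
```

With this in place, `ssh -N ec2Host` holds the tunnel open and http://127.0.0.1:8888/phpmyadmin is served through it. The security groups then only need to allow port 22 from the laptop to the bastion and port 22 from the bastion to the EC2 host.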
In my local network I currently can't ssh to bitbucket:
telnet bitbucket.org 22 fails.
But I can ssh to a remote ubuntu instance that can ssh to bitbucket (the command above works).
How can I configure my connectivity to make my traffic to bitbucket port (22) go through this intermediary instance?
I tried running the command below but it did not work:
sudo ssh -i mykey -N -L 22:remote_instance:22 ubuntu@remote_instance (ps: remote_instance can access bitbucket with port 22).
Thanks :)
I'm trying to copy my public key from a CentOS environment to an Ubuntu machine. I used the following command
ssh-copy-id root@Ubuntu_IP
However I get an error saying Connection timed out. I'm able to ping from my host to the remote machine. The purpose behind this is that my host machine is the Ansible control node whereas the Ubuntu machine is my managed node.
Make sure you add a permanent route in the remote machine for the host machine.
route add -net remote_ip netmask mask_ip gw gateway_ip eth0
Also disable the firewall on the remote machine. This seemed to have solved the problem in my case.
Connecting to Ubuntu 14.04 server at AWS gx2.2 instance(Huge GPU one), from an Ubuntu 14.04 system with the following command:
ssh -i ~/.ssh/key.pem ubuntu@12.121.12.321
Normally it would just connect, but now it times out with this error:
ssh: connect to host 54.171.53.164 port 22: Connection timed out
I can Ctrl+C out of the freeze though.
I have tried to restart.
I have tried to sudo apt-get update.
Recheck your AWS parameters...
1) Check Public Ip associated with the Amazon ec2 instance, check whether it is the same as ip address 12.121.12.321 you are using to make connection.
2) Check the inbound rule of the security group associated with the Amazon ec2 instance. Ensure that the inbound rule has ssh access to the ip address of the machine from which you are trying to connect the Amazon ec2 instance.
3) Ensure that the pem file you are using is appropriate.
Hope it helps...
I have a problem connecting to my Amazon EC2 server over ssh through a proxy.
I have my username and password for the http proxy on port 8080. (I don't have control over the proxy.)
Also I have my connection string which would work without the proxy
ssh -i key.pem root@xx.compute.amazonaws.com
When I try to connect I get a "No route to host" error.
I tried to use putty, configured proxy + authentication file, but then I get this error
"Unable to use this key file (OpenSSH SSH-2 private key)"
Also I don't know how putty inserts my proxy config into the ssh connection string, so I could try it in a terminal
I was facing the same problem and this is what I used to connect, using corkscrew. My config file looks like this
Host AWS
    Hostname <Public DNS>
    Port 443
    #Write the appropriate username depending on your AMI, eg : ubuntu, ec2-user
    User ubuntu
    IdentityFile </path to key file>
    ProxyCommand /usr/bin/corkscrew 10.10.78.61 3128 %h %p
then I simply use this command to connect
ssh AWS
and it works flawlessly.
Note : You must edit your sshd_config file on the server to listen to ssh connections on port 443 (in addition to 22) and restart the ssh daemon.
Are you sure you can login as root? Try logging in as ec2-user instead.
Also, if you have assigned an elastic IP to your instance, the public DNS has probably changed. Log in to the aws console, and select your instance. Scroll down to look at the public DNS again and double check you are using the correct xx.compute.amazonaws.com addr.