Can't open AWS EC2 instance using Putty - amazon-ec2

I did the ec2 instance setup and converted private key pair to .ppk format.
When I try to open the instance it's displaying the following error in Putty:
unable to open connection to [host_name] host not found

This is a DNS question. Open a command window and type "nslookup [your hostname]" where [your hostname] is the name of the server you are trying to connect to. If it does not find an IP then you (or someone) needs to add your new server to DNS.
As asked above, does your instance even have a public IP address? If not then you will need to set up VPN for your VPC.

Related

EC2 Instance Connect (browser-based SSH connection) doesn't work

Trying to connect Amazon AWS EC2 instance fails.
Platform: Amazon Linux
Connection method: EC2 Instance Connect (browser-based SSH connection)
Error: There was a problem setting up the instance connection
Log in failed.
If this instance has just started up, try again in a minute or two.
Note: I am able to connect via Putty / SSH Client. But same instance can't connect via browser.
When checked network logs in browser's developer tool, see a Status Code: 400 Bad Request for following URL:
https://ec2-instance-connect.us-east-2.managed-ssh.aws.a2z.com/ls/api/tokens
Has anyone ever successfully connected to an Amazon Linux EC2 instance from a browser?
To test, I just did the following:
Launched an Amazon Linux 2 EC2 instance with the default security group
Clicked "Connect" in the EC2 management console
Selected "EC2 Instance Connect"
Clicked "Connect"
A new browser tab opened and a few seconds later I had a working SSH connection.
I then tried it again with an Amazon Linux (not Amazon Linux 2) instance and got the error:
There was a problem setting up the instance connection
Log in failed. If this instance has just started up, try again in a minute or two.
This is because the EC2 Instance Connect client is only pre-installed on Amazon Linux 2 and Ubuntu 16.04 or later.
You can use EC2 Instance Connect with your ssh client. In case you really need the browser-based connection, your security group must have a rule allowing SSH connections (port 22) from 0.0.0.0/0. Not very secure from my point of view...
This is for AWS Lightsail. I could not use the browser to connect via SSH; instead I was able to connect via SSH using the macOS terminal. I was able to log in via SSH by appending my public key id_rsa.pub contents to the remote authorized_keys file. I used SFTP (Filezilla) to update the authorized_keys file. For the SFTP connection I downloaded the ssh key from the Accounts page.

Unable to SSH into ec2 from MacOSx

I have been trying to connect to my ec2 instance which was working a few hours ago. After I terminated my bash terminal abruptly, it refuses to work now. I'm getting a constant ssh: connect to host ec2-xx-xxx-xx-xx.compute-1.amazonaws.com port 22: Operation timed out error.
It worked on my friend's ubuntu system but fails to work even on my ubuntu.
I've allowed all the inbound and outbound routes too.
I have also used the correct command, made my .pem key private and all. It still doesn't work. What do I do?
Check if the instance is turned on or if its IP changed. Each ec2 instance has a private IP and a public IP; we should use the public IP of the ec2 to ssh to it. Find the public IP in the aws console.
Verify your attached EC2 security group, and check if the ssh port is open from your network (with nmap, for example).
In the security group, validate that the source port is wide open or just open from your current public IP (the latter is more secure / recommended).

How to connect to an Oracle Database running on Amazon AWS EC2?

I have an Oracle Database instance running in Amazon AWS EC2 service. (it is not RDS Relational Database Services).
How can I configure my Oracle SQL Developer to access this remote database in AWS EC2?
By checking the AWS documentation I found only references to connecting to an Oracle database running in RDS services.
I appreciate your help.
Thanks
In AWS, edit the Security Group for your instance to add a rule (if one doesn't already exist).
Inbound
Type = SSH
Protocol = TCP
Port Range = 22
Source = "My IP", or "Custom" (as you wish)
In SQL Developer, open View -> SSH.
Right-click "SSH Hosts", New SSH Host.
Name = whatever you like
Host = your server's IPv4 Public IP address
Port = 22 (default)
Username = root or ec2-user, whichever is appropriate for the linux AMI you used
Use key file = tick this and select your key file for your instance
Add a Local Port Forward = tick this and accept the defaults (localhost, port 1521)
Edit the properties of your SQL Developer Database Connection
Connection Type = SSH
Port Forward = the name of the SSH Host you created earlier
SID / Service name = whatever SID or Service name you need
If you want to add another layer of security, SSH or DMZ + Load Balancing is the way to go. If not, make sure the following are all open for the IP: firewall, VPC network, AWS inbound/outbound rules.

Should an AWS EC2 instance connect using only IPv4 Public IP?

If I put the "IPv4 Public IP" of my EC2 instance in the browser's address bar, shouldn't it connect and return an error message instead of just timing out?
So, it sounds like you are attempting to connect to the instance via SSH.
Things to check:
The Security Group associated with the instance needs to have port 22 open to either your Public IP address, or to 0.0.0.0/0 (which is not a good security practice)
You are on a network that is not blocking SSH traffic. Some corporate networks prohibit such access (so try it from home).
The instance is running an SSH server. This is standard on Linux distributions, such as the Amazon Linux AMI. (Believe it or not, some people wonder why they can't SSH to a Windows instance.)
You should be trying to connect to a public IP address associated with the instance
The instance needs to be in a Public Subnet (which means the Route Table associated with the Subnet is pointing 0.0.0.0/0 traffic to an Internet Gateway). If you are using the Default VPC, then this is done for you.
You have the private half of the keypair that was nominated when the instance was launched. If you are using an Amazon Linux instance, the private half of the keypair would have been automatically copied to: /home/ec2-user/.ssh/authorized_keys
The fact that your connection is timing-out, as opposed to receiving an error message, most likely makes it an incorrectly configured Security Group. (Trust me, it's almost always the Security Group!)
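The distinction this answer draws (a timeout versus an error message) can be checked directly. The following is an added example, not code from any of the posts; the function name and return labels are assumptions made for illustration.

```python
import socket
import sys

def classify_ssh_failure(host, port=22, timeout=5.0):
    """Try one TCP connect and map the outcome to the layer most likely at fault."""
    try:
        infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror:
        # PuTTY's "host not found": the name does not resolve (DNS problem).
        return "dns"
    family, socktype, proto, _, addr = infos[0]
    sock = socket.socket(family, socktype, proto)
    sock.settimeout(timeout)
    try:
        sock.connect(addr)
        return "open"         # TCP handshake completed; any failure is now SSH or key related
    except socket.timeout:
        # Packets are silently dropped: security group, route table or
        # internet gateway, a host firewall such as ufw, or a local firewall.
        return "filtered"
    except ConnectionRefusedError:
        # The host answered with a reset: the network path works, but nothing
        # is listening on the port (for example, no SSH server running).
        return "refused"
    except OSError:
        return "unreachable"  # no route from this machine
    finally:
        sock.close()

if __name__ == "__main__":
    # Usage: python3 check.py <public-dns-or-ip-of-your-own-instance>
    print(classify_ssh_failure(sys.argv[1]))
```

A result of "filtered" matches the "Operation timed out" and "Connection timeout" errors quoted on this page, while "dns" matches "host not found".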

EC2 Network Error : Connection timeout

I created an EC2 micro instance of Linux and launched it, created a keypair and all the beginning stuff specified in this video:
http://www.youtube.com/watch?v=hJRSti6DsJg
But when I connect to my instance with PUTTY terminal, it will not connect to my EC2 instance.
I have specified the correct instance Public DNS and private key which I created with the PUTTY key generator.
I get this error:
Network Error : Connection timeout
You simply need to add an ssh rule for inbound connections to your ec2 instance in the ec2 management console.
Go to ec2 console
Click Instances on Left
Select your instance
In the Description tab, locate Security Groups and click the available group link
Click edit button on Inbound tab
Click Add Rule and select SSH for type, Port Range 22, and Source Anywhere
Connect with putty :)
Are you sure you've enabled SSH access in the firewall settings of your instance?
Can you connect with PUTTY to other machines? Perhaps your local firewall is blocking SSH connections.
Also, you cannot simply use a private key you generated with PUTTY - you'll have to create one using the AWS web interface, assign it to your EC2 instance, download it to your local computer and instruct PUTTY to use this when connecting to your EC2 instance.
Having successfully connected in the past, I got this error after shutting down my instance and starting it again.
Apparently the Public DNS changes after you shut it down and start it again, so I had to replace the DNS string in PuTTY before it could find my instance to connect with it on port 22.
This error may occur when you enable ufw and reboot your instance. First you have to add 22/tcp before enabling ufw. Following is the command
$ ufw allow 22/tcp
If you already made the mistake, then follow this guide:
Start a recovery instance.
Stop the blocked instance (DON'T TERMINATE)
Detach the blocked instance volume.
Attach Blocked volume to the recovery instance.
Log in to the recovery instance (newly launched) via ssh/putty
Type sudo lsblk to display attached volumes
Verify the name of the blocked volume. It generally starts with /dev/xvdf.
Mount blocked volume.
$ sudo mount /dev/xvdf1 /mnt
$ cd /mnt/etc/ufw
Open ufw configuration file
$ sudo vi ufw.conf
Enable insert mode by pressing i in vi editor
Update ENABLED=yes to ENABLED=no
Press ESC and type :wq to update the file.
Verify the file contents, where ENABLED=yes should now be updated to ENABLED=no
$ sudo cat ufw.conf
Remove the mounted blocked volume from recovery instance
$ cd ~
$ sudo umount /mnt
Now detach the blocked volume from the recovery instance and re-attach it to the original instance as /dev/sda1.
Finally, start the blocked instance. Now you will be able to access your instance. If you enable ufw again, don't forget to allow 22/tcp.
One more thing to remember when using putty to connect to, add security setting to accept ssh connection.
If you take default security group
I faced a similar issue.
Reason : Since in my Security Group, Inbound traffic to Port 22 was set to MyIP, now since every time I connected to Internet, I got assigned a different IP, while in our Security Group the Inbound Traffic to SSH was expected to come from previous IP only.
Solution : Edit the Security Group, and either make the Inbound Traffic to Port 22 as 'Anywhere'(not recommended) or again click the myIP(which will give the current IP assigned to you). Problem will be fixed.
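The "My IP" situation described in this answer, and the 0.0.0.0/0 rule other answers mention, can both be detected from the group's rules. This is an added example, not code from the posts; it assumes the rule list has the `IpPermissions` shape printed by `aws ec2 describe-security-groups`, and the function names and sample addresses are constructed for illustration.

```python
import ipaddress

# Constructed sample: SSH allowed from one address ("My IP" at the time the
# rule was saved), HTTPS open to everyone. Addresses are documentation ranges.
SAMPLE_PERMISSIONS = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}]},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
]

def _covers_port(perm, port):
    """True if the rule applies to TCP traffic on `port`."""
    proto = perm.get("IpProtocol")
    if proto == "-1":            # "-1" means all protocols and all ports
        return True
    if proto != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)

def ssh_sources(permissions, port=22):
    """Return the IPv4 CIDR blocks that are allowed to reach `port`."""
    cidrs = []
    for perm in permissions:
        if _covers_port(perm, port):
            cidrs += [r["CidrIp"] for r in perm.get("IpRanges", [])]
    return cidrs

def diagnose(permissions, client_ip, port=22):
    """Classify the inbound rules from the point of view of `client_ip`."""
    client = ipaddress.ip_address(client_ip)
    nets = [ipaddress.ip_network(c, strict=False)
            for c in ssh_sources(permissions, port)]
    if not nets:
        return "no-rule"                 # nothing allows the port: timeout
    if any(n.prefixlen == 0 for n in nets):
        return "open-to-world"           # connects, but SSH is exposed to everyone
    if any(client in n for n in nets):
        return "allowed"
    return "client-ip-not-covered"       # e.g. your public IP changed: timeout

if __name__ == "__main__":
    print(diagnose(SAMPLE_PERMISSIONS, "203.0.113.10"))   # address in the rule
    print(diagnose(SAMPLE_PERMISSIONS, "198.51.100.7"))   # new address after reconnecting
```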
I'm also facing the same Network Error : Connection timeout issue after keeping everything in the correct place.
But in my case, the internet gateway (igw) is not working, so you guys should also check the default VPC configuration when troubleshooting.
This error generally occurs because the server is not responding, which means the source does not have a clear path to connect to your server even if you put SSH port 22 in the SG.
I faced this issue. Possible cases are
Make sure to open port number 22 (ssh) in the Inbound rule of the Security group
Make sure to use the correct .ppk file
Check Network settings. The VPC in which you have launched an instance may not be attached to an Internet gateway. This happens when you accidentally delete the default Internet gateway.
a) Create Internet gateway and attach to the mentioned VPC
b) In route table->route, add Internet gateway with (0.0.0.0/0)
This should fix the problem. :-)
You simply need to add an ssh rule for inbound connections to your ec2 instance.
Go to ec2 console Security Groups
Select your Security Groups
Click edit button on Inbound tab
Click Add Rule and select SSH for type, Port Range 22, and Source Anywhere or My IP
Click save rules button
Now connect; it's working.