When I log into my instance there is a certain IP address that refers to it. However, once I log in I see something like:
ubuntu@ip-xxx-xxx-xxx-xxx:~$
Why is the xxx-xxx-xxx-xxx IP different from the IP used to log in?
EC2 instances have both an internal and an external IP. While you access it over the public internet via the external IP, the instance internally knows itself as its private, internal IP address.
Related
I'm trying to move my website over to AWS. I set up EC2 but I can't find a way to access the dev site I've set up to allow me to test it works before I switch over. The stack is Laravel/Forge and Nginx.
I have assigned an Elastic IP address, and I've enabled HTTP access via port 80. But when I go to the IP address it redirects to the live domain itself.
Same thing when I use the Public IPv4 DNS (ec2-<IP address>.compute-1.amazonaws.com).
I've been battling with it for some time. Can anyone advise what I'm doing wrong?
I accidentally enabled the firewall on my EC2 instance, which blocked me from SSHing. Then I used this answer, https://stackoverflow.com/a/50999373/3705478, to gain access to my EC2 instance, but my public IP address changed. This caused me to update my IP address with the domain registrar, as it is a public-facing web server. Also, I have to change the IP address of the DB running EC2 instances.
How can I prevent my public IP address from changing in such situations in Amazon EC2?
See the AWS documentation for allocating a static IP here: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html#using-instance-addressing-eips-allocating
If I put the "IPv4 Public IP" of my EC2 instance in the browser's address, shouldn't it connect and return an error message instead of just timing out?
So, it sounds like you are attempting to connect to the instance via SSH.
Things to check:
- The Security Group associated with the instance needs to have port 22 open to either your Public IP address, or to 0.0.0.0/0 (which is not a good security practice)
- You are on a network that is not blocking SSH traffic. Some corporate networks prohibit such access (so try it from home).
- The instance is running an SSH server. This is standard on Linux distributions, such as the Amazon Linux AMI. (Believe it or not, some people wonder why they can't SSH to a Windows instance.)
- You should be trying to connect to a public IP address associated with the instance
- The instance needs to be in a Public Subnet (which means the Route Table associated with the Subnet is pointing 0.0.0.0/0 traffic to an Internet Gateway). If you are using the Default VPC, then this is done for you.
- You have the private half of the keypair that was nominated when the instance was launched. If you are using an Amazon Linux instance, the private half of the keypair would have been automatically copied to: /home/ec2-user/.ssh/authorized_keys
The fact that your connection is timing out, as opposed to receiving an error message, most likely makes it an incorrectly configured Security Group. (Trust me, it's almost always the Security Group!)
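The Security Group check from the list above, as an added example that is not part of the original answer: it classifies each group's port 22 ingress for a given client IP, separating the over-broad 0.0.0.0/0 rule from a scoped one and from the "blocked" case that shows up as a timeout. The JSON is a constructed sample in the shape of `aws ec2 describe-security-groups` output; the group IDs and addresses are made up, and only IPv4 `IpRanges` are examined.

```python
import ipaddress
import json

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-open", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
  {"GroupId": "sg-scoped", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.7/32"}]}]},
  {"GroupId": "sg-web", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
  {"GroupId": "sg-all", "IpPermissions": [
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "198.51.100.0/24"}]}]}
]}
""")

def covers_port(perm, port):
    """True if an ingress permission applies to the given TCP port."""
    proto = perm.get("IpProtocol")
    if proto == "-1":          # "-1" means all protocols and all ports
        return True
    if proto != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)

def ssh_status(group, client_ip, port=22):
    """Classify one group: 'open-to-world', 'allowed' or 'blocked' for client_ip."""
    client = ipaddress.ip_address(client_ip)
    allowed = False
    for perm in group.get("IpPermissions", []):
        if not covers_port(perm, port):
            continue
        for rng in perm.get("IpRanges", []):
            net = ipaddress.ip_network(rng["CidrIp"], strict=False)
            if net.prefixlen == 0:
                return "open-to-world"   # 0.0.0.0/0: reachable, but over-broad
            allowed = allowed or client in net
    return "allowed" if allowed else "blocked"

def audit(doc, client_ip):
    return {g["GroupId"]: ssh_status(g, client_ip) for g in doc["SecurityGroups"]}

if __name__ == "__main__":
    print(audit(SAMPLE, "203.0.113.7"))
```
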
I have the following setup:
- a VPC, with several subnets, and an access gateway and a NAT instance having public addresses that I can connect to,
- I create a Linux instance in a subnet of the VPC, that has NO public IP address or DNS name (I want that only the Load Balancer be known on the internet).
I want to connect to my Linux instance to install and configure software.
How do you connect to that instance? All the documentation I have seen mentions that you connect using "ec2-user#".
Since I have no public DNS, I have tried to connect from the access gateway via PuTTY with the private DNS of my Linux instance but it fails ("host does not exist").
I am obviously missing something ... in the NAT?
Thanks, Laurent
You need to have a host in the public subnet which you can access. Once you access this host, then you can connect to your other hosts in the VPC using their private IP addresses.
Your instance in question has only a private IP address, so connecting to it from your workstation is not going to work.
The host I am referring to is usually called a Bastion Host. Read the Tip in the Scenario 2: VPC with Public and Private Subnets documentation.
Also, read the first few results of this Google Search to gain an overall understanding of the use cases for Bastion hosts.
When I launch an EC2 instance, I will get a private IP and a public IP. The public IP can be visited by a DNS domain like 'ec2-184-73-237-10.compute-1.amazonaws.com'. When I ping it, I get the IP address 184.73.237.10.
My question is: does 184.73.237.10 only belong to me or is it shared by different instances?
If it's shared by different instances, how does it work? As far as I know, each instance (Linux) can be accessed by SSH.
Thanks in advance :-)
It only belongs to you (there is a 1:1 mapping between public and private IP addresses), but it can change at any time. For this reason, if you need an instance to be permanently accessible by IP they recommend using an Elastic IP Address. EIP is free as long as it's actually associated with an instance.
It is recommended to create and associate an Elastic IP (AWS's static IP) to your instance. And this IP will be only yours.
The benefit of an Elastic IP is that you can even associate it with another instance, such as a server restored from the AMI image of the parent instance, and thus bring back your site in case of any issues/attacks.