1

I followed everything in exact same order as refered here :Amazon Set Up Documentation. I also read many SO answers but everyone suggested on checking the security group and route tables. I did everything none of them helped.

I have a USB Dongle which I use to surf internet. Its IP changes everytime I disconnect the dongle and reconnect it. But if I stay connected its IP remains same. So I did created a security group my_ip/32 and launched an ec2 instance. So without disconnecting my dongle i.e keeping my IP intact I tried to connect to the instance through SSH with simple

ssh -v -i my-key-pair.pem user@public_dns

command but with no luck.

But the funny thing is I can connect to the ec2 instance if I change my security group to 0.0.0.0/0 which is not suggested by amazon because of security issue.

Does anybody has faced the similar situation. Or Amazon did miss something in their documentation.

NOTE: I also enable firewall in ubuntu for ssh as follows:

sudo ufw allow ssh/tcp
sudo ufw enable

Am I missing something??

Community
  • 1
  • 1
Mubin Shrestha
  • 398
  • 3
  • 22
  • You seem to be missing pertinent information. You stated you use a USB dongle -- and? What is the dongle? Is it an ethernet cable? What does provide connectivity to? Who provides your internet connection? How is your workstation setup? It appears from the back and forth you had in the answer below there are things about your own setup (possibly that your browsers are proxied) that apparently explain your issue. It would be helpful if you researched that information and updated your question. – gview Aug 23 '17 at 17:39

1 Answers1

1

When you google 'what is my ip' does it give you the result you expected for my_ip? Google will report back the IP the outside world sees you as.

I have a feeling you might be going through a NAT router which you're recieving DHCP from, as such you're dongles IP isn't even being seen by EC2 to match a security group.

Ray
  • 40,256
  • 21
  • 101
  • 138
  • Thank you Ray. I double checked my ip with the tool provided by amazon ec2 itself and searching 'what is my ip'. They both give me the same result. I am confident that my ip is correct. – Mubin Shrestha Aug 03 '15 at 17:28
  • @Computergodzilla Dumb question, but your does your security group rule work with a /24 cidr postfix ? – Ray Aug 03 '15 at 17:34
  • 2
    @Computergodzilla Change your security group back to 0.0.0.0/0 temporarily, then SSH to the EC2 instance, and then within the SSH session find out what address your SSH client is actually coming in from. See http://stackoverflow.com/questions/996231/find-the-ip-address-of-the-client-in-an-ssh-session for some ideas on how to do that. – jarmod Aug 03 '15 at 17:35
  • @jarmod. Thank you. Very interesting. I found out that the ip I am connecting through is totally different. So is the IP shown by SSH session my true IP. What about the IP shown doing "whats my ip". – Mubin Shrestha Aug 04 '15 at 14:49
  • @Computergodzilla Your SSH session is presumably being routed through an SSH proxy and it is the proxy's IP address that the target EC2 instance sees. When you visit whatismyip.com you are not routed through that proxy (you're either going direct, or you're going through a different proxy, one that proxies HTTP/HTTPS only). Hence a remote SSH server sees you coming in from IP address #1 while a remote HTTP server sees you coming in from IP address #2. – jarmod Aug 04 '15 at 16:04