13

I am currently overseas and I am trying to connect to my EC2 instance through ssh, but I am getting the error:

ssh: connect to host ec2-34-207-64-42.compute-1.amazonaws.com port 22: Connection refused

I turned on my VPN to New York but still nothing changes. What reasons could there be for not being able to connect to this instance?

The instance is still running and serving the website but I am not able to connect through ssh. Is this a problem with the Wi-Fi where I am staying or with the instance itself?

random_0620

7 Answers

10

My debugging steps to EC2 connection time out

  1. Double check the security group access for port 22

  2. Make sure you have your current IP on there and update to be sure it hasn't changed

  3. Make sure the key pair you're attempting to use corresponds to the one attached to your EC2

  4. Make sure your key pair on your local machine is chmod'ed correctly. I believe it's chmod 600 keypair.pem check this

  5. Make sure you're in either your .ssh folder on your host OR correctly referencing it: HOME/.ssh/key.pem

  6. Last weird totally wishy washy checks:

    • reboot instance
    • assign elastic IP and access that
    • switch from using the IP to Public DNS
    • add a : at the end of user@ip:

Totally mystical debugging sets for 6 though. That's part of the "my code doesn't work - don't know why. My code does work - don't know why." Category

Note: If you access your EC2 while you are connected to a VPN, do know that your IP changes! So enable incoming traffic from your VPN's IP on your EC2 security group.

iSkore
  • 1
    Thanks! My home ip was the only one that was allowed on port 22 – random_0620 Jun 28 '17 at 13:00
  • 1
    You got it! Ya that's my checklist whenever accessing EC2. – iSkore Jun 28 '17 at 13:01
  • 1
    If this answered your question, please mark it with the check mark to close the post. Thank you! – iSkore Jun 28 '17 at 13:02
  • 1
    Thanks! In my case my dns was changed because I have a free tier's instance – peterzinho16 Sep 25 '19 at 12:32
  • 1
    You mean the IP? Free tier shouldn't have anything to do with that. If you don't have an Elastic IP attached to the EC2 - the IP/generated host name will change when you restart the instance. That happens no matter what tier you have. Free tier just means you can have a few things for free. Everything is (as far as I know) identical. But glad I could help! – iSkore Sep 25 '19 at 21:48
  • Don't know how, but assigning an Elastic IP address and changing the size of the instance from medium to large worked for me. – Onkar Musale Dec 20 '21 at 13:34
9
  1. In AWS, navigate to Services > EC2.
  2. Under Resources, select Running Instances.
  3. Highlight your instance and click Connect.
  4. In Terminal, cd into the directory containing your key and copy the command in step 3 under "To access your instance."
  5. In Terminal, run: ssh -vvv -i [MyEC2Key].pem ec2-user@xx.xx.xx.xx (xx.xx.xx.xx = your EC2 Public IP) OR run the command in the example under step 4.
eskipper
3

Just check if your public ip that you get when you are on VPN is configured as a source address in the SG inbound entry that opens up port 22.

You can check your ip using https://www.google.co.in/search?q=whats+my+ip, when connected to your VPN.

Yogesh_D
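
The security-group check described in the answers above (is the address you connect from, VPN exit included, listed as a source on port 22), as an added example that is not part of the original answers. It evaluates the IpPermissions list that aws ec2 describe-security-groups returns; the sample rules, the addresses and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample shaped like one group's "IpPermissions" list from
# `aws ec2 describe-security-groups`; addresses are documentation ranges.
SAMPLE_PERMISSIONS = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "198.51.100.7/32", "Description": "home"}]},
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
]


def matching_rules(permissions, source_ip, port=22):
    """Return the CIDRs of inbound rules that admit source_ip on TCP `port`.

    Only CIDR sources are evaluated; rules that reference another security
    group or a prefix list are skipped.
    """
    addr = ipaddress.ip_address(source_ip)
    hits = []
    for perm in permissions:
        proto = perm.get("IpProtocol")
        if proto not in ("tcp", "6", "-1"):
            continue
        # "-1" means every protocol and port, so it has no port range to test.
        in_range = perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)
        if proto != "-1" and not in_range:
            continue
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            net = ipaddress.ip_network(cidr, strict=False)
            if addr.version == net.version and addr in net:
                hits.append(cidr)
    return hits


def world_open(permissions, port=22):
    """True if the port is open to every IPv4 or IPv6 address (prefix length 0)."""
    probes = ("192.0.2.1", "2001:db8::1")
    return any(ipaddress.ip_network(c, strict=False).prefixlen == 0
               for ip in probes for c in matching_rules(permissions, ip, port))


if __name__ == "__main__":
    vpn_exit = "203.0.113.50"  # constructed: the address seen while on the VPN
    print("rules admitting VPN exit on 22:", matching_rules(SAMPLE_PERMISSIONS, vpn_exit))
    print("port 22 open to the world:", world_open(SAMPLE_PERMISSIONS))
```

An empty list for the VPN address means the group needs a rule for that address; world_open flags a port 22 rule that was widened to 0.0.0.0/0 while debugging and never narrowed again.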
3

I tried everything in this and several other answers, also in some AWS YouTube videos. Lost perhaps five hours over a few sessions trying to solve it and now finally..

I was getting the exact same error message as the OP. I even rented another EC2 instance in a nearer data centre for twenty minutes to see if that was it.

Then I thought it might be the router or internet provider in the guest house where I am staying. Had already noticed that some non-mainstream news sites had been blocked - and that was it!

You can check if the router is blocking port 22:

https://superuser.com/questions/1336054/how-to-detect-if-a-network-is-blocking-outgoing-ports

cardamom@neptune $ time nmap -p 22 portquiz.net
Starting Nmap 7.70 ( https://nmap.org ) at 2021-02-03 20:43 CET
Nmap scan report for portquiz.net (27.39.379.385)
Host is up (0.028s latency).
rDNS record for 27.39.379.385: ec2-27-39-379-385.eu-west-3.compute.amazonaws.com

PORT   STATE  SERVICE
22/tcp closed ssh

Nmap done: 1 IP address (1 host up) scanned in 0.19 seconds

real    0m0,212s
user    0m0,034s
sys 0m0,017s

Then, the question of why someone would want to block the ssh port 22 is addressed at length here:

https://serverfault.com/questions/25545/why-block-port-22-outbound

cardamom
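
The outbound-port check from the answer above, as an added example that is not part of the original post: it classifies a single TCP connection attempt using the same labels nmap prints, then compares a probe of a reference host with a probe of the instance. The function names are constructed, and the reference host is assumed to be one known to accept connections on the tested port.

```python
import errno
import socket


def probe(host, port=22, timeout=3.0):
    """Classify one TCP connection attempt: open, closed, filtered, ..."""
    try:
        infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror:
        return "dns-failure"
    family, socktype, proto, _, sockaddr = infos[0]
    with socket.socket(family, socktype, proto) as s:
        s.settimeout(timeout)
        try:
            s.connect(sockaddr)
        except ConnectionRefusedError:
            return "closed"        # a reset came back: "Connection refused"
        except socket.timeout:
            return "filtered"      # no reply at all: packets silently dropped
        except OSError as exc:
            if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
                return "unreachable"
            raise
        return "open"


def diagnose(reference_state, instance_state):
    """Combine a probe of the reference host with a probe of the instance."""
    if instance_state == "open":
        return "port reachable: check the login user and key instead"
    if reference_state != "open":
        return "local network blocks the outbound port: try another network"
    if instance_state == "filtered":
        return "packets dropped before sshd: check security group, network ACL, routes"
    if instance_state == "closed":
        return "host answers but nothing accepts on the port: check sshd"
    return "name or route problem: check the DNS name and public IP"


if __name__ == "__main__":
    # Constructed values standing in for probe(reference_host) and probe(instance).
    print(diagnose("closed", "closed"))
    print(diagnose("open", "filtered"))
```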
0

Had the same problem after creating some instances on a new VPC. (If internet SSH worked before, this solution may not work for you.)

When creating a new VPC, make sure you create an internet gateway (VPC -> Internet Gateways)

And also make sure that your VPC's routing table (VPC -> Route Tables) has an entry which redirects all IPs (or just your IP) to the internet gateway you just created.

Or Betzalel
0

For me, it was because of this: NOT ec2-user@xx.xx.xx.xx BUT THIS =>>> ubuntu@xx.xx.xx.xx

Watch the image of EC2 instance!

0

Instead of

ssh -i "key.pem" ubuntu@ec2-161-smth.com

use

ssh -i "key.pem" ec2-user@ec2-161-smth.com
Jeremy Caney
Husky931