SSH hangs when connecting to Amazon EC2 instance

Question

I could connect to ec2 instance with the following command, but today I couldn't connect using it.

ssh -i abcKey.pem ubuntu@ec2-x-x-x-x.ap-southeast-1.compute.amazonaws.com -v

Following is the verbose. I have opened SSH port in EC2 ( I could connect to this till yesterday)

OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to ec2-x-x-x-x.ap-southeast-1.compute.amazonaws.com [x-x-x-x] port 22.
debug1: Connection established.
debug1: identity file abcKey.pem type -1
debug1: identity file abcKey.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 pat OpenSSH_6.6.1* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent

Answer 1

One possible problem is that the Security Group restrictions are too strict for you to be able to connect. To fix this:

1. Go to the EC2 Management Console
2. Click on Security Groups (in the left sidebar).
3. Select your EC2 instance's security group.
4. In the bottom box, click on the Inbound tab.
5. There should be an SSH rule, make sure that it can be accessed from anywhere and that it is on the correct port (22 for SSH). Also, make sure that the protocol is TCP.

Answer 2

I was having the same issue. I followed what Amazon suggested in a video for handling a hanging SSH connection attempt. No dice. What worked in my case was using the following command:

ssh -i yourKeyHere.pem ec2-user@yourPublicIPHere -v

The publicIP is listed under publicIp in the EC2 management console.

Answer 3

I found I was getting stuck because my Route Table had no Internet Gateway setup.

I added an Internet Gateway, attached to my VPC, then added 0.0.0.0/0 to my Route Table targeting the Internet Gateway. This fixed this issue.

Answer 4

Mine answer is similar to colelemonz, except that I want to add some additional context. I created an EC2 instance with the default security group - accept traffic from anywhere to any port/protocol. However, ssh didn't work, even though my ec2 instance should have not have been rejecting any traffic.

The fix was to add another rule to my security group to allow ssh from anywhere on port 22. Once I did that, I was able to connect.

So, it appears the default rule is not sufficient. I don't understand why ...

Answer 5

The problem for me was the inbound rules in the security group. when creating the rule i have restricted it to MY-IP so i think the next day i get a new IP so i can no longer access it.