Trying to ssh into my amazon EC2 linux instance from a Windows 10 box. I have got openssh for windows from https://www.mls-software.com/opensshd.html . I know that I am behind a corporate firewall and a web proxy. My Inbound rule settings on the EC2 instance is
ssh -i "awslamp.pem" ec2-user#ec2-xx-xx-xx-xxx.ap-southeast-2.compute.amazonaws.com
gives
port22: Connection refused
Have you tried "my ip" in inbound rule settings? Also, try allowing SSH from all IP addresses for troubleshooting purposes. I know that it's not the recommended settings. It's just for troubleshooting and making sure that your corporate network allows you to connect to it. Do not forget to change the settings back to custom.
Related
I just launched a instance on AWS and I'm trying to open the website. So I copy the Public IPv4 address and paste it on my page. But it always returns This site can’t be reached 35.78.183.239 took too long to respond.
I've changed my firewall setting to access google chrome and set security groups HTTP, HTTPS. I can't figure out where the problem is. Any suggestions?
You didn't specify what webserver or AMI is on your EC2 instance.
You need to setup an AMI or manually install and setup a webserver for anything to show, otherwise the EC2 instance, while reachable, will not respond.
Make sure that ssh access is enabled and try ssh into the machine. If you can successfully login, then you know the instance is reachable and the problem is with your webserver software. This will help you debug.
What port is your application running on? When you enable HTTP and HTTPS it only allows ports 80 and 443 on the security group. This won't help if your application runs on a different port, so you'll need to add that to your security group to allow inbound traffic.
I have a mongo instance running on a google cloud VM and my application lost access to it overnight. I'm not being able to SSH to it and Cloud console is looking weird.
VM Image: bitnami-mongodb-3-2-1-1-r04-linux-debian-7-x86-64
It first says I don't have permission to access the instance console page. Eventhough I'm the owner of the project and I can see it once I close the modal.
Then when I try to SSH using the built-in SSH tool I first get the following message. I see I have a VPC setup so I'm not really sure if that is actually expected or not.
If I try the alternative method I then get the following:
Does anyone has any hint on what could be the issue?
UPDATE:
VPC Firewall settings are set to allow SSH and the target project is set for it this rule:
I also have an external static IP set for this VM.
Just yesterday I could connect to my mongo instance through port 27017 and it stoped working without touching any GPC configuration.
Based on the information you have provided, it would seem that your GCE VM instance is currently utilizing IAP (Identity-Aware Proxy).
With this in mind, any overviewing the error message you are receiving, it would seem that your firewall rules aren't allowing connections on the SSH port. There should be an ingress rule to allow traffic to the instance on TCP port 22 (SSH) on that VPC network.
Generally, this is automatically created by GCP, on the default network it is typically called "default-allow-ssh", but you can also manually create it in the VPC Network -> Firewall rules tab. Make sure it applies to the instance in question (either through "All targets" or a target tag that matches the instance). You can read more about GCP firewall rules in the documentation.
Likewise, make sure you have an external IP or that you are following one of the options described here.
I was using digitalocean and want to try out gcp compute instance. I created an ubuntu instance, did cat ~/.ssh/id_rsa.pub in my terminal and added onto the instance. Then I tried ssh james#external ip in my terminal (I'm using mac) but it just hang there.. then a min later, I got Connection refused error. What's wrong?
There are numerous possible reasons for this, but mostly likely you're missing a firewall rule to allow connections from the outside:
gcloud compute firewall-rules create default-allow-ssh --allow tcp:22
If this doesn't help, check out the Troubleshooting SSH article in the GCP docs.
First check your network can communicate to compute engine via simple ping command.
ping <GCE external IP>
or
telnet <GCE external IP> 22
If you getting request timed out then most probably firewall issue. go to cloud console and create/update firewall rule under VPC section. search tcp:22 in firewalls section and edit/create firewall rule (add your IP ranges into source IP range section) for ssh connection.
refer: https://cloud.google.com/sdk/gcloud/reference/compute/firewall-rules/create
I didn't find such guide or articles how to do it for ElasticSearch hosted on Windows server.
I have the EC2 amazon windows instance which running ElasticSearch server on port 9200, but I can't achieve it by _ec2_ip_adress:9200 outside the server.
I completely sure that all TCP ports are opened in amazon security group rules, I've turned off the firewall on the server as well.
So that is the problem in ElasticSearch configs.
Can someone help me with that?
Well but you know that then any body would be able to delete/create stuff in your index until you have shield.
If you really want to open it, also make sure that in windows firewall you opened port 9200.
So what i would do i would probably restrict in firewall on in Amazon access to this port for specific IPs (Actually in my project i am doing that :) )
There is one more thing to check on which IP is runned as soon as i remember ES will run on private IP. Look to network.host default is __local__. Try network.host: 0.0.0.0
I have set up a a micro EC2 instance on AWS. Currently, I am using the free tier in Oregon. There are two problems which I am facing.
When I try to SSH the instance using the public DNS, it says host does not exist but when I try conencting it using the public IP, it connects to it. What setting is needed to use the public DNS ?
I have opened the SSH client using the IP address. I want to set up my application which needs Node.js and MongoDB. I installed Node.js using this
Next I installed MongoDB using this
Then I connected to my instance using Filezilla and uploaded my code to it. I then start my node application which uses socket.io.
When I try to connect to socket.io server using web browser, I get a message which says connection refused "error 111". I have opened TCP port 80 in instance's security groups. In iptables, I have forwarded port 80 to 8080, but still it does not work. I have also checked that the firewall is disabled in ec2. Kindly help me to resolve this issue.
Did you check if all of the necessary ports are open on Amazon Security Policy?
What you can do is to allow all traffic on Amazon Security Policy for test and see if the connection goes well or not.
You might also check if you need access DB from outside. In that case, you also have to open the mongodb port and setup mongodb correctly as well.
Other tools that might useful to test firewall and connection issue will be tcpdump and syslog file
For the dns issue, did you try to nslookup on that name and see if the IP shown matches your server IP?
As Amazon gives a long DNS hostname for the server, I always use my own domain name. It's much easier.
example : ec2.domainname.com, which points to the Amazon IP address
Hope that help.
My problem is resolved now..
For the DNS issue, earlier I needed proxy to access internet, so I guess the DNS name was not getting resolved. When I tried using proxy free internet, I was able to ssh using public DNS.
And regarding connection to socket.io, I used port 8080 instead of 80 and used "sudo node main.js" to run my node file. Now I am able to connect to the socket.io server and MongoDB.
Another thing which I want to ask is that would running the node file with sudo rights create some security issue ?
Thanks for the answer! That also worked for me. I had the same problem trying to connect through sockets (http://myipaddress:3000) to a node.js server, i tried opening ports on the actual ec2 instance and disabling the firewall through SSH but nothing worked. Had to go to Security Groups on the ec2 console and open a new inbound tcp rule enabling that port