SSH into EC2 Spot Instance - amazon-web-services

It's my first time using an ec2 instance from the spot market. I'm assuming its the same to SSH into as with any normal instance. I submitted a request and got one back but now for some reason when I try to SSH into with the public IP I'm getting a timed out error. Is there anything else I need to do after submitting the Spot request, other than waiting for someone to fill it?

As many other users have commented, there are two things need to be done for ssh
assign an aws key-pair when launching the instance
assign a security group with ssh permission
To check whether these two conditions are met for your instance, you can go to the aws EC2 Management console, click on your instance at the instance tab, and check if there is a Key pair name associated with it, and whether the Security groups inbound rule contains port 22 tcp protocol.
If you launch with boto3, the command will look like this
rc = ec2.create_instances(ImageId=ubuntu_64bit,
InstanceType='t2.nano',
MinCount=1,
MaxCount=n_workers,
KeyName='my-key',
)
Here I used the default security group and I have added ssh permission to it.
When these conditions are met, you can log on to the instance using
ssh -i /path/my-key-pair.pem ec2-user#ec2-198-51-100-1.compute-1.amazonaws.com
Depending on the image you load, the user name could vary. Possible ones include ec2-user, centos, ubuntu, root.

Timeout error for ssh means port 22 on this spot instance isn't open to you. Check the security group and add your location IP, allowing access to port 22

Related

How to connect to SSH EC2 Amazon even if port 22 is already set up

Im getting Timeout error on ssh connection to EC2 even after set port 22 to anywhere, i see my user and is ec2-user indeed but im getting timeout everytime
Im already tried reboot the instance and change to other security group, even try Termius software (im on MAC) instead command line but notheing...
First of all, check you VPC and subnets inside this VPC in which you have created your instance. The subnet will have a route table, verify that subnet is attached to an Internet Gateway with Destination 0.0.0.0/0, otherwise add one by referring this link. Post this step, check that your security group has an Ingress Rule for port 22 from your ip(select my ip from drop down). You will not get Connection timeout error if these two steps are configured properly.

Default username for ec2 instance spawned by elastic beanstalk

I'm trying to use elastic beanstalk to deploy an application and one of the things I need to do is be able to log into the underlying ec2 instance and add dependencies. I added a key pair to the instance and put the private key file in ~/.ssh on my computer. Next I specified the key pair for the ec2 instance and it restarted and eventually the status was green
When I try to ssh into the ec2 instance I get the following error:
$ ssh ec2-user#myinstance.us-east-1.elasticbeanstalk.com
ec2-user#myinstance.us-east-1.elasticbeanstalk.com: Permission denied (publickey).
In the docs is says this could be due to an incorrect username.
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesConnecting.html
Does anyone know what the default username is for ec2 instances created by elastic beanstalk?
Also if I'm doing this all wrong would appreciate some pointers there too.
1.To make sure that the there's no mistake the way you connect:
Go to EC2-> Instances
Select your instance
And press Connect
You should get the command to connect from the instructions from the Connect Popup. The correct username is mentioned there plus instructiins on how to set the correct permissions on the pem (applies to linux)
2.
Make sure that you modified the security group of the instance you're trying to connect do that it allows ssh from the ip of your pc. (This is not the case for the question, since the error is Permission denied (publickey), it means that it's not an sg issue, thx #diego)
3.
Also if you connect from a corporate network, try connecting from another network. It might be firewall issue.
4.
Last but not least make sure you ssh inside the .ssh path, or provide the correct pem path

Unable to ssh to instance after changing port

I have a running EC2 instance on which one of the database having transactional records stored through the application running on the same instance. I've change the port due to some security reasons but after changing port I'm unable to SSH to the instance.
My security group and NACL both having old as well as new port configured in it.
I've tried to SSH several times but it gives error Network Error: Connection timeout.
I'm scared about to data lost if this instance gets stopped. Need help!
You can login to instance without losing data with the help of 'session manager' option under the "System Manager". You will need to complete certain per-requisites of the session manager as follows given in the Amazon docs for Systems Manager Prerequisites
After completing the per-requisites assign the IAM role to the EC2 instance created for SSM.
Into the AWS console, search for the session manager option under the System manager and your instance ID will get listed over there.
Select the instance and choose for the Start session, you will get the shell console of your instance.
Revert the changes made in /etc/ssh/sshd_config for the port and try to SSH again.

How to connect to Amazon EC2 instance?

After I created a ubuntu VM(Amazon EC2 instance), I see below entry in "view instances":
I see public dns as Public DNS: ec2-13-58-17-118.us-east-2.compute.amazonaws.com
Instance: i-08c551d9713dfcd06 (ubuntu_VM)
Security groups: sg_ubuntu. view inbound rules. view outbound rules
To connect to this Amazon EC2 instance(ubuntu VM), am using below syntax from my ubuntu laptop:
ssh -i "ubuntu_key.pem" ubuntu#ec2-13-58-17-118.us-east-2.compute.amazonaws.com
and it works, but I do not know the reason, for its working
I understand that ec2-13-58-17-118.us-east-2.compute.amazonaws.com is domain name
1) What is ubuntu in ubuntu#ec2-13-58-17-118.us-east-2.compute.amazonaws.com?
2) Why Amazon EC2 instance creation process does not ask for assigning hostname to the EC2 instance, on aws website? after sshing, I see some dynamic hostname assigned(ip-172-31-30-203) which is not good for me...
3) What is security group? amidst creation of EC2 instance...
1) ubuntu is the username of that particular ec2 instance. In this case, since your instance is using Ubuntu, then by default you get that username. If you had created an instance using Amazon Linux 2, it would of have been ec2-user. You can check more here.
If you intend to change this username, you can in fact. Just like you would in any Linux OS, except for a few extra steps you need to follow in order to connect using SSH with this new username.
2) Each time you stop and restart your Amazon EC2 instance (unless you are using an Elastic IP address), the public IPv4 address changes, and so does your public DNS name, system hostname, and shell prompt. This is found in the user guide. If you want to have a static IP, you must create an Elastic IP address, although, it has a cost.
3) The security group, is a set of rules of how to access (inbound rules) your instance and what can your server reach (outbound rules). By default, if not mistaken, in your inbound rules, you should only have your SSH connection available.
ubuntu is the username on the server
I'm not sure why this is, but you are able to change it using the command sudo hostnamectl set-hostname your-desired-hostname. You can read more in the AWS UserGuide
Security groups are firewall rules that you can use to protect your VM from the outside world. You can block access to specific ports, only allow access to specific ports from an IP address or IP range. For example, you can use it to restrict access to SSH only to your office IP address to prevent anyone else from logging into your EC2 instance.

How can access AWS RDS by CLI / PUTTY?

I am new to AWS , I can access EC2 user by putty. Like this how can i connect AWS RDS by PUTTY ?
I have AWS RDS Endpoint , If i try like the below
mysql -h testing.cx2wamr3cbzm.us-west-2.rds.amazonaws.com -P 3306 -u Username -p
I am getting some error like
ERROR 2003 (HY000): Can't connect to MySQL server on 'testing.cx2wamr3cbzm.us-west-2.rds.amazonaws.com' (110)
I think there is a problem with security group.I searched more, but its difficult to understand for me.
I want to create database and assign rights ?
Thanks
RDS is not available to the world by default. It's also generally a bad idea to allow access to the RDS from anywhere except from inside your VPC. I recommend you do the following:
Create a security group that allows access to the RDS over port 3306 from your EC2 instance
Visit https://console.aws.amazon.com/ec2/home#s=SecurityGroups and create a new security group.
Switch to the inbound tab and choose MYSQL from the dropdown.
Erase the 0.0.0.0/0 in the source field then click the input field. It will present you with a list of existing security groups. Choose the one that your EC2 instance belongs to.
Click the apply rule changes button
Assign the security group to your RDS
Visit https://console.aws.amazon.com/rds/home#dbinstances: and select your RDS instance and under the Instance Actions menu select Modify
Change the RDS security group to the one you just created
Make sure to select the Apply immediately option at the bottom of this page
Click Continue and apply the new changes. (the change can sometimes take a couple of minutes)
SSH into your EC2 instance then run the mysql command in your question