ssh timeout issue connecting to an EC2 instance on OS X

ssh amazon-web-services amazon-ec2 mac-osx amazon-vpc

I am new to AWS and not a networking expert but curious to know more about it.

I created a VPC with a public subnet only. Then i created an EC2 instance using an Ubuntu 14.04 64-bit pv AMI image (ami-e84d8480) as well generating the key pair needed to connect to it through ssh.

I followed amazon's instructions to connect to an EC2 instance via ssh which did not work.

Here is my attempted input and debug log:

Running on OS X 10.9.4 

user$ ssh -vvv -i key.pem [email protected]
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: /etc/ssh_config line 102: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to xxx.xxx.xxx.xxx [xxx.xxx.xxx.xxx] port 22.
debug1: connect to address xxx.xxx.xxx.xxx port 22: Operation timed out
ssh: connect to host xxx.xxx.xxx.xxx port 22: Operation timed out

To attempt to resolve the issue:

  1. I enabled the SSH port.
  2. Tried different usernames other than ubuntu, like ec2-user and root.
  3. Initially set an inbound ssh rule in the security group to connect to only my ip address. When that did not work, i changed it to allow any ip to connect.

But those actions did not fix the problem.

Here are my guesses as to what i am missing in getting the EC2 instance connection to work.

  1. My etc/ssh_config file may be preventing the connection from taking place.
  2. I may have missed an important networking detail when setting up the VPC.
  3. I do not have a public ip address specified for the instance. I am connecting through the private ip address.

My questions for the community:

  1. Am i going about it the wrong way connecting to the instance through the private ip address? if so, do i need to specify a public ip address for it to connect or some other method?

After reading the VPC documentation more closely, my first EC2 instance is connected.

Here is what i got wrong when setting up the EC2 instance and VPC.

With only a private ip, my development machine would never be able to connect to the EC2 instance unless it was a part of the VPC's network. So to talk to it from the outside, I needed to specify that for every instance created that an associated public ip address be assigned as well.

Here is what did to fix it:

  1. Correct me if i am wrong, but it looks like there was not an option in the EC2 browser console to assign a public ip address to the already created instance, So i ended up deleting it.

  2. I want back to the VPC console, and went to the subnets option. I then selected the public subnet that was initially created in the VPC wizard and specified in the "Modify Auto-Assign Public IP" option to enable the auto-assignment of a public ip address for every new EC2 instance created.

  3. Create a new EC2 instance, and a new public ip address is assigned.

  4. Followed amazon's directions for ssh and communication was successfully initiated.

Related

Separating java stdout and stderr with systemd and without filling journal
Could a Microsoft security update make major changes to the IIS configuration like this?
Use mandatory profiles on the RD Session Host server
How do I enable SAML Passive Authentication in ADFS 3.0?
nginx reverse proxy not passing requests
POST of MTU + ~798 bytes gets lost
Puppet: Can't manually generate cert and issue cert request over API
Linux Authentication by Active Directory without joining to domain
What should an s3 end point look like when configuring an ALIAS record in Route53?
How to Configure A Software Update Baseline in SCCM 2012
BITS policies to limit bandwitdth usage is not taking effect
How to detect virtual machines freezes