
Cannot connect to EC2 - ssh: connect to host port 22: Connection refused

I am currently overseas and I am trying to connect to my EC2 instance through ssh but I am getting the error ssh: connect to host ec2-34-207-64-42.compute-1.amazonaws.com port 22: Connection refused

I turned on my VPN to New York but still nothing changes. What reasons could there be for not being able to connect to this instance?

The instance is still running and serving the website but I am not able to connect through ssh. Is this a problem with the wifi where I am staying or with the instance itself?

s_kirkiles asked Jun 28 '17 12:06


2 Answers

I tried everything in this and several other answers, also in some AWS YouTube videos. Lost perhaps five hours over a few sessions trying to solve it and now finally..

I was getting the exact same error message as the OP. I even rented another EC2 instance in a nearer data centre for twenty minutes to see if that was it.

Then I thought it might be the router or internet provider in the guest house where I am staying. Had already noticed that some non-mainstream news sites had been blocked - and that was it!

You can check if the router is blocking port 22:

https://superuser.com/questions/1336054/how-to-detect-if-a-network-is-blocking-outgoing-ports

cardamom@neptune $ time nmap -p 22 portquiz.net
Starting Nmap 7.70 ( https://nmap.org ) at 2021-02-03 20:43 CET
Nmap scan report for portquiz.net (27.39.379.385)
Host is up (0.028s latency).
rDNS record for 27.39.379.385: ec2-27-39-379-385.eu-west-3.compute.amazonaws.com

PORT   STATE  SERVICE
22/tcp closed ssh

Nmap done: 1 IP address (1 host up) scanned in 0.19 seconds

real    0m0,212s
user    0m0,034s
sys 0m0,017s

Then, the question of why someone would want to block the ssh port 22 is addressed at length here:

https://serverfault.com/questions/25545/why-block-port-22-outbound

cardamom answered Oct 18 '22 11:10


My debugging steps to EC2 connection time out

  1. Double check the security group access for port 22

  2. Make sure you have your current IP on there and update to be sure it hasn't changed

  3. Make sure the key pair you're attempting to use corresponds to the one attached to your EC2

  4. Make sure your key pair on your local machine is chmod'ed correctly. I believe it's chmod 600 keypair.pem; check this

  5. Make sure you're in either your .ssh folder on your host OR correctly referencing it: HOME/.ssh/key.pem

  6. Last weird totally wishy washy checks:

    • reboot instance
    • assign elastic IP and access that
    • switch from using the IP to Public DNS
    • add a : at the end of user@ip:

Totally mystical debugging steps for 6 though. That's part of the "my code doesn't work - don't know why. My code does work - don't know why." category.

Note: If you access your EC2 while you are connected to a VPN, do know that your IP changes! So enable incoming traffic from your VPN's IP on your EC2 security group.

iSkore answered Oct 18 '22 11:10
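The two answers above point at different legs of the path: the local network blocking outbound port 22 (first answer) and the instance's security group or sshd (second answer). The following is an added example, not code from either answer: it probes the target and the portquiz.net reference used in the first answer, separates "refused" from "timeout", and says which leg to look at. The function names `probe` and `diagnose` and the hint strings are assumptions made for this illustration.

```python
#!/usr/bin/env python3
"""Classify an outbound TCP connect and compare it with a reference host."""
import socket
import sys

REFERENCE = "portquiz.net"  # reference host from the first answer


def probe(host, port=22, timeout=5.0):
    """Return 'open', 'refused', 'timeout' or 'error: ...' for one TCP connect."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"    # a reset came back, from the host or a device on the path
    except socket.timeout:
        return "timeout"    # no reply at all: packets were silently dropped
    except OSError as exc:  # DNS failure, no route, ...
        return f"error: {exc}"


def diagnose(target, reference):
    """Turn the two probe results into a hint about where the block sits."""
    if target == "open":
        return "target reachable"
    if reference in ("refused", "timeout"):
        # Even the reference host cannot be reached on this port.
        return "local network blocks this outbound port"
    if reference == "open" and target == "refused":
        return "target side rejected: sshd down or host firewall"
    if reference == "open" and target == "timeout":
        return "dropped before the host: check security group and source IP"
    return "inconclusive"


if __name__ == "__main__":
    host = sys.argv[1]
    port = int(sys.argv[2]) if len(sys.argv) > 2 else 22
    t, r = probe(host, port), probe(REFERENCE, port)
    print(f"{host}:{port} -> {t}; {REFERENCE}:{port} -> {r}")
    print(diagnose(t, r))
```

Run it once on the suspect network and once over a different uplink (for example a phone hotspot); if the diagnosis changes, the local network is the cause.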