
SSH not working to C3 compute-optimized machines

I cannot connect to any machine I create on EC2 that belongs to the C3 family.

I have no problem connecting with SSH to any other type of machine.

What do I need to do to further debug this?

The steps I've taken:

  • I create a t1.micro machine with the same image (an Ubuntu 13.10 64-bit AMI, ami-2f252646), the same key pair, and the same security group. It works fine.
  • I ssh to a t1.micro machine, and then ssh again from that machine to the C3 machine. That tells me the machine is up and running and my problem is connecting to the C3 machine from my PC directly (going through the office router).
  • I try to telnet to the t1.micro machine on port 22 - I get a connection.
  • I try to telnet to the C3 machine on port 22 - does not work.
  • I try to telnet to the C3 machine on port 22 from another PC, not from the office - I get a connection.
  • I tried this with several C3 type machines, all with the same result.

So:

  • The machine is up and running, and can accept connections.
  • There is obviously a problem in the coupling between my office connection and the C3 machine.
  • My office connection works fine with any other type of m1/c1/g1/m2 machine, so it's only the "3" family that has that problem.

I'm at a loss on how to solve this, or even debug this further. Right now I'm tunneling to my machine through a proxy t1.micro machine...

My operating system is itself Ubuntu 13.10

Here is a gist link to the output of my ssh -vvv command

It seems to get stuck at debug1: expecting SSH2_MSG_KEX_ECDH_REPLY

eran asked Jun 04 '14 14:06


1 Answer

Solved it, with the help of AWS professional (paid) services.

The problem is with some of the authentication protocols. I have a high (9000) MTU (minimal transfer unit) configured in my network connection; I need this to access big chunks of data.

The solution is either to lower the MTU to below 1400 (which is not good for me, because I need it), or to change the SSH config, which worked for me.

sudo vi /etc/ssh/ssh_config

and uncomment the lines starting with Ciphers and MACs

mine says:

Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160

This is a bug from Ubuntu 12.10 and onwards (it works in 12.04 and below)

eran answered Nov 11 '22 16:11
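
A triage helper for the symptom in the question, added here as an example (not code from the original post): it reads `ssh -vvv` output, reports the last handshake milestone reached, and ties a key-exchange stall to a jumbo local MTU, the cause the answer identifies. The sample log, host name and address are constructed, and `last_stage` and `triage` are hypothetical names.

```python
import re

# Handshake milestones in the order the OpenSSH client logs them at debug1.
STAGES = [
    ("tcp_connected", r"debug1: Connection established"),
    ("banner_exchanged", r"debug1: Remote protocol version"),
    ("kexinit_sent", r"debug1: SSH2_MSG_KEXINIT sent"),
    ("kexinit_received", r"debug1: SSH2_MSG_KEXINIT received"),
    ("awaiting_kex_reply", r"debug1: expecting SSH2_MSG_KEX_\w+_REPLY"),
    ("host_key_received", r"debug1: Server host key:"),
    ("authenticated", r"debug1: Authentication succeeded"),
]

def last_stage(log):
    """Return the name of the furthest milestone found in the log, or None."""
    reached = None
    for name, pattern in STAGES:
        if re.search(pattern, log):
            reached = name
    return reached

def triage(log, local_mtu):
    """Map the stall point to the next thing to check."""
    stage = last_stage(log)
    if stage is None:
        return "no TCP connection: check security group, routing, port 22"
    if stage == "awaiting_kex_reply":
        hint = "stalled in key exchange after small packets got through"
        if local_mtu > 1500:
            hint += f"; local MTU is {local_mtu}, retest with a lower MTU"
        return hint
    if stage == "authenticated":
        return "handshake completed"
    return f"stopped after {stage}"

# Constructed sample: a client log that hangs where the question's log does.
STALLED_LOG = """\
debug1: Connecting to c3-host.example [203.0.113.10] port 22.
debug1: Connection established.
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
"""

if __name__ == "__main__":
    print(triage(STALLED_LOG, local_mtu=9000))
```

Pass the real capture (for example, the saved stderr of `ssh -vvv`) and the MTU reported for the local interface in place of the constructed values.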