Why can't I connect to my Amazon EC2 Linux instance using SSH?

Last updated: 2022-06-15

I can't connect to my Amazon Elastic Compute Cloud (Amazon EC2) Linux instance. How do I troubleshoot and resolve this issue?

Short description

To troubleshoot the issue, log in to the EC2 instance over SSH with verbose messaging on. Use the output messages from the SSH client to determine the type of issue. Then, follow the troubleshooting steps in this article to resolve the issue.

Resolution

Log in to your instance to identify the issue

1.    Log in to the EC2 instance over SSH with verbose messaging on:

user@localhost:~$ ssh -v -i my_key.pem ec2-user@11.22.33.44

This example uses my_key.pem for the private key file, and a user name of ec2-user@11.22.33.44. Substitute your key file and your user name for the example's key file and user name. For more information, see Connect to your Linux instance using SSH.

2.    Use the output messages from the SSH client to determine the type of issue you are experiencing.

Use the EC2 Serial Console for Linux to troubleshoot Nitro-based instance types

If you turned on EC2 Serial Console for Linux, you can use it to troubleshoot supported Nitro-based instance types. You can access the serial console using the serial console or the AWS Command Line Interface (AWS CLI). You don't need a working connection to connect to your instance when you use the EC2 Serial console.

Before you use the serial console to troubleshoot:

  • Grant access to the serial console at the account level
  • Create AWS Identity and Access Management (IAM) policies granting access to your IAM users
  • Check that your instance includes at least on password-based user
  • If connecting with EC2 Instance Connect using the AWS CLI, make sure that you’re using the most recent version of the AWS CLI.

Troubleshoot common errors

Error: "Connection timed out" or "Connection refused": To resolve this error, see I'm receiving "Connection refused or "Connection timed out" errors when trying to SSH to my EC2 instance. How do I resolve this?

"connection timed out" errors on a virtual private cloud (VPC): To resolve this error, see How do I troubleshoot Amazon EC2 instance connection timeout errors from the internet?

Error: "Permission denied" or "Authentication failed": To resolve this error, see I'm receiving "Permission denied (publickey)" or "Authentication failed, permission denied" errors when trying to access my EC2 instance. How do I resolve this?

Error: "Server refused our key": To resolve this error, see Why am I getting a "Server refused our key" error when I try to connect to my EC2 instance using SSH?

Error: "imported-openssh-key" or "Putty Fatal Error": To resolve this error, see Why am I receiving "imported-openssh-key" or "Putty Fatal Error" errors when connecting to my Amazon Elastic Compute Cloud (Amazon EC2) Linux instance?

Error: "Enter passphrase for key 'my_key.pem'":

This error occurs if you created a password for your key file, but haven't manually entered the password. To resolve this error, enter the password or use ssh-agent to load the key automatically.

Automatically troubleshoot SSH errors

There are a number of reasons why you might get an SSH error, like Resource temporarily unavailable. Run the AWSSupport-TroubleshootSSH automation document to automatically find and resolve errors like this.