How to troubleshoot SSH connection issues with AWS EC2

Jan 24, 2020


EC2 Instance Connect lets you connect to an EC2 instance directly from the browser. If you are connecting from the command line or PuTTY and running into issues, see the cases below.

Case-1: Connection timed out.

If your EC2 instance is running and you are trying to SSH to the correct IP (the IP changes after each restart), there must be a security group issue. Any timeout is related to a security group or a firewall. Ensure your security group is correct (port, protocol, source IPs, etc.) and is assigned to the EC2 instance.

If the connection still times out, a corporate firewall or a personal firewall is blocking the connection. Please use EC2 Instance Connect.

Case-2: Connection refused.

    • It means the EC2 instance is reachable but the SSH utility is not running. Please install an SSH client on your local machine and try again.

Case-3: Permission denied (publickey,gssapi-keyex,gssapi-with-mic)

This means one of three things:

    • You are using the wrong security key or no security key at all. Look at your EC2 instance configuration to make sure you have assigned the correct key to it.
    • You are using the wrong user. Try ec2-user.
    • The key file permissions are incorrect. Change them to 0400 (on Windows, ensure nobody else has any level of access to the file except you).
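Cases 1 to 3 can be told apart from the command line by checking the key file first and then reading what ssh prints on failure. The script below is an added example, not part of the original post; the function names, the script name and the sample addresses in its test are constructed for illustration.

```sh
#!/bin/sh
# Added example: triage an SSH failure into Cases 1-3 described above.
# Usage: sh ssh_triage.sh <key.pem> <user@host>   (script name is hypothetical)

# Succeeds only if group and others have no access to the key file, which is
# what OpenSSH requires of a private key. GNU stat is tried first, then BSD/macOS.
key_perms_ok() {
  _mode=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null) || return 2
  case "$_mode" in
    [0-7]00) return 0 ;;
    *)       return 1 ;;
  esac
}

# Map the text ssh wrote to stderr onto the matching case from this page.
classify_ssh_error() {
  case "$1" in
    *"UNPROTECTED PRIVATE KEY FILE"*)
      echo "case-3: key file permissions too open; chmod 0400 the key" ;;
    *"timed out"*)
      echo "case-1: timeout; check security group (port, protocol, source IPs) and firewalls" ;;
    *"Connection refused"*)
      echo "case-2: refused; instance reachable but SSH is not answering on that port" ;;
    *"Permission denied (publickey"*)
      echo "case-3: denied; check the key assigned to the instance and the user (ec2-user)" ;;
    *)
      echo "unclassified: $1" ;;
  esac
}

# Check the key locally, then make one non-interactive attempt and classify it.
triage() {
  key_perms_ok "$1" || { echo "case-3: fix key permissions first: chmod 0400 $1"; return 1; }
  _err=$(ssh -i "$1" -o BatchMode=yes -o ConnectTimeout=10 "$2" true 2>&1 >/dev/null) \
    && { echo "ok: login succeeded"; return 0; }
  classify_ssh_error "$_err"
  return 1
}

if [ "$#" -eq 2 ]; then triage "$@"; fi
```

`BatchMode=yes` stops ssh from prompting, so the attempt fails fast with the server's error text instead of hanging on a password or passphrase prompt.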

Case-4: No supported authentication methods available (server sent: publickey, gssapi-keyex,gssapi-with-mic) error when trying from PuTTY.

This happens when you do not use a key in .ppk format.

    • Open PuTTYgen -> Go to File -> Load private key and open the “.pem” file.
    • Save the private key in “.ppk” format.
    • Now load your session in PuTTY (ec2-user@IP) -> SSH -> Auth -> browse to the private key you just saved and hit Open. You should be all set and logged on to the EC2 instance.