These commands verify that the SSH connections aren't being blocked by the OS firewall or TCP wrapper. The commands also verify that the sshd service is running and listening on port 22.
For more information on running ssm-user commands, see the section Managing ssm-user sudo account permissions on Linux and macOS.

After configuration, connect to the EC2 instance through the EC2 serial console using a password-configured Linux user.
If there isn’t a Linux account with a login password configured, you must run ssm-user to reset the password for an account with sudo access.

Note: Each instance using the serial console must include at least one password-based Linux user with sudo access.

For more information on configuring the EC2 Serial Console for Linux, see Configure access to the EC2 Serial Console.
If the instance passes both health checks, use one of the following four listed methods with your configuration:

- Method 1: Use the EC2 Serial Console for Linux.
- Method 2: Use AWS Systems Manager Session Manager.
- Method 3: Run the AWSSupport-TroubleshootSSH automation runbook.

Method 1: Use the EC2 Serial Console for Linux

If configured, you can use the EC2 Serial Console for Linux to troubleshoot OS-level issues on supported Nitro-based instance types. The serial console allows troubleshooting of boot issues, network configuration, and SSH configuration issues. The serial console is accessible using the Amazon EC2 console or the AWS Command Line Interface (AWS CLI).

Before using the serial console, grant access to it at the account level. Then, create AWS Identity and Access Management (IAM) policies granting access to your IAM users.
A firewall blocked and was set to reject the packet instead of dropping it.

Resolution

For the “Connection timed out” error, verify the following:

- The instance's IP address or hostname is correct.
- The instance is passing its health checks.
- The security group of the instance allows incoming traffic on TCP port 22.
- The network ACLs of the instance's subnet allow incoming traffic on TCP port 22 and allow ephemeral ports for the outgoing traffic.
- The route table of the instance’s subnet is configured properly to provide connectivity between the EC2 instance and the SSH client.
- There isn't a firewall blocking the connection between the SSH client and the EC2 instance.
- SSH isn't blocked by TCP Wrappers in the instance.

Note: The last two verification steps require OS-level access of the instance.

For the “Connection refused” error, verify the following:

- There's no firewall on the instance rejecting the SSH connection.
- The SSH daemon (sshd) is running and listening on port 22.

Note: Both verification steps require OS-level access of the instance.
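
The on-instance checks named on this page (sshd listening on port 22, a firewall that rejects rather than drops, TCP wrappers) can be scripted over captured command output. The following is an added example, not part of the original article or AWS's own commands; the function names and SAMPLE_* inputs are hypothetical and constructed, and it assumes `ss -tln`, `iptables -S` and /etc/hosts.deny as the data sources.

```shell
#!/bin/sh
# Added example. All SAMPLE_* values are constructed, not taken from a real host.
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:2222       0.0.0.0:*
LISTEN 0      128    127.0.0.1:25       0.0.0.0:*'
SAMPLE_IPT='-P INPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j REJECT --reject-with icmp-port-unreachable'
SAMPLE_DENY='# constructed hosts.deny
sshd: ALL'

# Succeeds if `ss -tln` output shows a listening socket on port 22.
listens_on_22() {
  printf '%s\n' "$1" |
    awk '$1 == "LISTEN" && $4 ~ /:22$/ { found = 1 } END { exit !found }'
}

# Prints the target (reject, drop, accept) of the first INPUT rule in
# `iptables -S` output that matches --dport 22, or "none".
# Simplification: ignores multiport rules, user chains and source matches.
firewall_action_22() {
  printf '%s\n' "$1" | awk '
    /^-A INPUT/ && /--dport 22( |$)/ {
      for (i = 1; i < NF; i++)
        if ($i == "-j") { print tolower($(i + 1)); hit = 1; exit }
    }
    END { if (!hit) print "none" }'
}

# Succeeds if hosts.deny content names sshd or ALL in a daemon list.
# hosts.allow is consulted first by TCP wrappers and is not examined here.
wrappers_deny_sshd() {
  printf '%s\n' "$1" | awk -F: '
    /^[ \t]*#/ || NF < 2 { next }
    { n = split($1, d, /[ ,\t]+/)
      for (i = 1; i <= n; i++) if (d[i] == "sshd" || d[i] == "ALL") hit = 1 }
    END { exit !hit }'
}

# Maps the two "Connection refused" checks to a likely local cause.
diagnose_refused() {  # $1 = ss -tln output, $2 = iptables -S output
  if [ "$(firewall_action_22 "$2")" = "reject" ]; then echo "firewall-reject"
  elif ! listens_on_22 "$1"; then echo "sshd-not-listening"
  else echo "no-local-cause-found"
  fi
}

diagnose_refused "$SAMPLE_SS" "$SAMPLE_IPT"   # on a host: "$(ss -tln)" "$(sudo iptables -S)"
```

A "drop" result from `firewall_action_22` corresponds to the "Connection timed out" case, since a dropped packet gets no reply.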