
SSH port 22 connection time out error, but it is after connecting to EC2 and getting fingerprint etc

0

**I literally need help, my situation is very strange. I have been trying to fix it for about 3 or 4 days but still get nothing.**

I tried to connect to my Amazon EC2 Ubuntu instance from my home computer on Windows. As I understand it, the connection starts, but then I get "22 connection time out". At first I got the message "the authenticity of host.... can't be established...... key fingerprint is..... Are you sure you want to continue connection? (yes/no/fingerprint)." I answered yes, of course, and I know it means ssh is connected to 22 (so it means my Windows sent the TCP initialization, and the Ubuntu server answered and gave the fingerprint, etc.). BUT after this I always get "22 connection time out". And when I check the details of my problem on Windows, I usually see this error in the logs: "identity file "my path/key_name.pem" type 1" (but maybe it's not an important error).

!!!!Also I checked the logs from my home Windows and the Linux EC2, and it looks like authentication started, but my home computer gets nothing from the server and the connection times out. But I don't know, maybe that's an incorrect explanation.

What I tried for my EC2 and home PC:

AWS EC2 Ubuntu, the so-called "server":
  1. My server is OK, it is running, and it always connects easily from the AWS connect console.
  2. My VPC is okay and attached to the correct server.
  3. My security groups are okay and have okay inbound and outbound rules, including SSH port 22 TCP rules, ICMP, all ports from all IPs, etc. And they are all attached correctly to the server and VPC.
  4. Authentication by key is on
  5. Linux ufw is inactive
  6. My NACLs are okay
  7. My IP tables are okay and attached
  8. My route tables are okay and have 0.0.0.0/0 inbound and outbound
  9. Password connection is disabled
  10. SSH connection is on at ssh nano
  11. SSH is really getting by port 22
  12. I use the correct AMI name ("ubuntu" in my case)
  13. Tried to restart/reboot my server, get a new IP and connect to it, but it didn't help.
  14. The ssh service is running
On my home Windows 10 PC:
  1. No firewall or brandmauer rules
  2. Ping to my EC2 by my public IP is OK, it works
  3. Connection to ssh and port 22 works from my home Windows PC
  4. Test connection to my EC2 IP with port 22 is OK, it always works (!)
  5. I tried to use mobile Internet and a VPN with different regions, but still the same problem
  6. The path to my .pem key is correct and all written in Latin symbols
  7. I tried the ping 8.8.8.8 -f -l command and found a problem: my MTU size was too large for my connection type, it was 1500. I set the MTU size to 1360 and this command started to work correctly. But it didn't help with the main problem either.
  8. The OpenSSH server and client services work

Keys:

  • My private key is OK. I tried to create a public .pub key from it and got the same symbols that are on the Linux Ubuntu server. And I tried to replace it, but it didn't help.

  • And I tried changing the type of my pem key from RSA to OpenSSH, but still no result.

  • And I am also thinking about creating new keys and trying them, but I think it won't help, and I am also afraid of losing my free trial preferences. Also I don't have any IAM users and roles, but I think they are not necessary for my problem, are they? And I also resized my EC2 from 8 GB to 30 GB (and made a snapshot), but my keys are still OK, so I don't think it is a problem.

I checked many forums and other posts, but it didn't help. So please help, it's really very strange, I really need any ideas. Sorry for the long read and grammar mistakes!

4 Answers
1

Hello.

Does the same problem occur when connecting from a different OS or a different PC?
For example, does the error occur when connecting from Mac OS or terminal software such as Tera Term?

EXPERT
answered 2 months ago
  • Thanks for answering! I tried Tera Term, and the problem was the same as usual: my server opened, but after this it did nothing and showed no info about the server etc., just a blank screen and only loading. And the connection stopped after some time (connection time out). This problem appears with any device or OS: I tried a Windows PC and an Android mobile, for example. However, I tried changing the internet connection: I was connected all the time to my mobile internet provider (SIM card) (using a WiFi module for the PC and a direct connection to the phone). So I tried to use my home provider connection - and my problem was partly solved! My server is available from any device without a VPN or anything else, just using the home provider connection. But I usually have to use the mobile internet provider, and I don't always have the opportunity to use my home provider connection. So now I want to find the reason for this server behaviour. Could it be something like a different MTU size for mobile internet and home internet, I don't know? Also I found some information that versions 24 and 22 of Ubuntu, which I am using now as the server, have some bugs with the internet connection because of a file error. But I don't think it is my case, because the home provider connection works, isn't it?

  • I tried it with my AWS account and was able to connect via SSH successfully. The region I'm using is the Tokyo region. By the way, does the same error occur if you change the EC2 OS to something like Amazon Linux 2023 instead of Ubuntu? If it only occurs with Ubuntu, there may be a problem with the AMI you are using.

1

Based on your detailed description, you're experiencing an unusual SSH connection timeout issue where the initial connection and fingerprint verification succeed, but then the connection times out. This suggests that the initial TCP handshake is working, but something is interrupting the connection afterward.

Since you've already verified that:

  • Security groups are properly configured
  • Network ACLs are correctly set up
  • Firewalls are disabled
  • SSH service is running
  • The instance is reachable (ping works)
  • The initial connection starts (you get the fingerprint prompt)

Here are some potential solutions to try:

  1. MTU Issues: You mentioned adjusting your MTU to 1360, which is a good step. Network issues related to MTU can cause connection problems after the initial handshake. Try experimenting with different MTU values.

  2. SSH Client Configuration: Try adding verbose output to your SSH command to see where exactly the connection is failing:

     ```
     ssh -v -i "path/to/key.pem" ubuntu@your-ec2-ip
     ```

     This will show you detailed information about the connection process.

  3. SSH Server Configuration: Connect to your instance using the AWS EC2 Serial Console or Systems Manager Session Manager, and check the SSH server configuration file (/etc/ssh/sshd_config) for any unusual settings that might be causing timeouts.

  4. TCP Keepalive Settings: Try adding keepalive options to your SSH command:

     ```
     ssh -o ServerAliveInterval=60 -i "path/to/key.pem" ubuntu@your-ec2-ip
     ```

  5. Alternative SSH Client: Try using a different SSH client like PuTTY or MobaXterm to see if the issue is specific to your current client.

  6. Check System Resources: High CPU usage or memory pressure on the EC2 instance could cause SSH connections to time out after initial handshake. Check the instance's resource utilization.

  7. Network Path Issues: There might be a network device between your computer and the EC2 instance that's allowing the initial connection but blocking subsequent packets. Try connecting from a completely different network.

  8. Try EC2 Instance Connect: As a workaround, you could use EC2 Instance Connect through the AWS Management Console to access your instance while troubleshooting the SSH issue.

Since you've already tried many common solutions, this appears to be a more complex networking or configuration issue that might require deeper investigation.
Sources
Can't connect to Linux instance even after the health status checks pass | AWS re:Post
Port 22: Connection Time Out Issue | AWS re:Post
ssh operation timed out | AWS re:Post

answered 2 months ago
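To read the `ssh -v` output suggested in the answer above, this added example (not part of the original answer) reports the furthest handshake stage a client log reached and the stage that never arrived. The patterns are OpenSSH client debug strings; the sample log is constructed, since the thread does not include the full verbose output, and `diagnose` is an illustrative name.

```python
import re

# (stage, pattern in `ssh -v` client output), in the order they occur
STAGES = [
    ("tcp_connected", r"debug1: Connection established\."),
    ("banner", r"debug1: Remote protocol version"),
    ("kexinit_received", r"debug1: SSH2_MSG_KEXINIT received"),
    ("host_key", r"debug1: Server host key:"),  # fingerprint prompt follows
    ("newkeys", r"debug1: SSH2_MSG_NEWKEYS received"),  # encryption is on
    ("auth_methods", r"debug1: Authentications that can continue"),
    ("authenticated", r"Authenticat(ed to|ion succeeded)"),
    ("session", r"debug1: Entering interactive session"),
]
# Non-debug lines that report the failure itself.
ERROR = re.compile(
    r"^(?!debug\d:).*(timed out|Connection (reset|closed)|Permission denied).*$",
    re.M)


def diagnose(log):
    """Return the furthest stage reached, the first one missing, and errors."""
    hit = [i for i, (_, pat) in enumerate(STAGES) if re.search(pat, log)]
    last = hit[-1] if hit else -1
    return {
        "last_stage": STAGES[last][0] if hit else None,
        "missing_next": STAGES[last + 1][0] if last + 1 < len(STAGES) else None,
        "errors": [m.group(0).strip() for m in ERROR.finditer(log)],
        # "type -1": the client loaded no public key from that path at startup
        # (usual for a bare .pem); informational, not the failure.
        "informational": re.findall(r"identity file .* type -1", log),
    }


# Constructed sample (not from the thread): stalls after the host key arrives.
SAMPLE = """\
debug1: Connection established.
debug1: identity file /home/example/key.pem type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_9.6
debug1: SSH2_MSG_KEXINIT received
debug1: Server host key: ssh-ed25519 SHA256:CONSTRUCTED-PLACEHOLDER
debug1: expecting SSH2_MSG_NEWKEYS
ssh_dispatch_run_fatal: Connection to 203.0.113.10 port 22: Connection timed out
"""

if __name__ == "__main__":
    print(diagnose(SAMPLE))
```

The client writes its debug lines to stderr, so redirect stderr to a file to capture a log for `diagnose`.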
    1. I tried but nothing changed
    2. It showed the same problems: type -1 error with key and connection time out 22 port
    3. I checked all the configuration again and found nothing special. Everything is allowed, and the things that need to be uncommented are uncommented too.
    4. Tried PS C:\Windows\system32> ssh -o ServerAliveInterval=60 -i "C:\Users\Work.ssh\keyy.pem" ubuntu@my-ip*** ssh_dispatch_run_fatal: Connection to my-ip**port 22: Connection timed out - so I had the same error
    5. Tried PuTTY with the .ppk key format and different settings like diffie-hellman-group14, but the same result: the connection starts, and then "Network error: Software caused connection abort"
    6. Interesting idea, but not my situation at all: my home PC and server PC still have enough resources.
    7. When I tried a different network, same problem: ssh connection time out.
    8. I always use it, and it 100% works. So thanks for answering, but it didn't work at all. I tried everything and still don't understand where my "wire" breaks.
0

So I am still waiting for new comments :)

answered 2 months ago
0

UPD: I created a new Linux Ubuntu server with a new key and the same settings, and the problem is still the same

answered 2 months ago