Can not able to ssh between two ec2 instances

[Kiran Sonawane]

Hey,

I'm trying to SSH between two instances to practice Ansible on aws instances but I'm not able to create an ssh connection between instances. Can someone please  help me.

[Jonathan Lozada De La Matta]

are you able to ssh in regularly without ansible and what errors are you getting?

On Fri, Aug 10, 2018 at 9:58 AM Kiran Sonawane <kiransona...@gmail.com> wrote:

Hey,

I'm trying to SSH between two instances to practice Ansible on aws instances but I'm not able to create an ssh connection between instances. Can someone please  help me.

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/0bc165b2-803c-48b7-85e0-e5ebb9db6faf%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--

Jonathan lozada de la matta

AUTOMATION CONSULTANT - AUTOMATION PRACTICE

Red Hat Consulting Services

jloz...@redhat.com   

 

[Tony Chia]

Please run the ssh command with -vvvv and display the output here

[Kiran Sonawane]

Since I enabled all shh I can ping on any instances but using public private key I can't.

To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAFYJA%2BK%2Bd8XgD%2Bq6p9B%2B26EnRue-ePpPsb3D4Yjkb%3DPHf1j%3DiA%40mail.gmail.com.

[Jonathan Lozada De La Matta]

did you put the public keys on the host your trying to connect as? try ssh-copy-id since it copies the public keys and adds the correct permissions. Did you also use ssh-add? what errors are you getting?

To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CABZrV%3DZ3Y7By0f%3DA-vKWK9TKPsh3uq-tBAgD%3D9B0gxPVNng4_Q%40mail.gmail.com.

For more options, visit https://groups.google.com/d/optout.

[Kiran Sonawane]

Ssh-copy-i is not working. It gives an error. 

To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAFYJA%2BKow%3DPhqspLfVqq_SYdAXxCjP7TRyR4xmLpe4GTYbZ6bg%40mail.gmail.com.

[Jonathan Lozada De La Matta]

what error are you getting? do you have enough permissions on the other side?

To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CABZrV%3DatuRXm%2Bnr4edZtVmriR_wTxqDoZufUQeF_ZJb_zTpAkw%40mail.gmail.com.

For more options, visit https://groups.google.com/d/optout.

[Karl Auer]

This is a big question, with far too little information to resolve easily.

Here is a troubleshooting list for you (or anyone) having connectivity issues generally and ssh issues specifically.

1: Check the addresses. Make sure you are using the correct name or IP address for the target instance.

2

: Check the addressing scheme at both ends. Private source requires private target (or a NAT gateway for the source); public source requires public target.

3: Check the security groups and ACLs - does the target security group allow inbound SSH? Does the source security group allow outbound SSH? Do the ACLs protecting the subnets allow ssh inbound to the source? Do they allow high ports outbound? If testing with ping, make sure the security groups and ACL allow ICMP in and out.

4: Check the routing at both ends. If source and target are in the same subnet in the same VPC, this will not be an issue, otherwise make sure that the routing is correct. Check the routing to the IGW, routing to the NAT Gateway, routing over any VPC peering links or Direct Connects - all that are appropriate to your situation.

5: Check that you have the correct SSH key for the target system. The private part needs to be in your ~/.ssh directory, the public part needs to be in ~/.ssh/authorized_keys on the target system. The latter part is done for you by AWS when launching new Linux instances.

6: Check that you are using the correct username for the remote system. By default this will be ec2-user for Amazon Linux and ubuntu for Ubuntu Linux.

7: If you are logged into the source system as a user other than ubuntu or ec2-user, you will need to specify the private key with -i on the ssh command line (or set up a Host stanza in ~/.ssh/config).

8: If the target instance is not a standard AWS AMI, check that it actually allows ssh through local firewalls, has sshd installed, used the default usernames, has the ssh key installed in the usual location and so on.

When asking for help, make clear exactly where the source and target systems are - both in AWS or not? Same or different subnets? Same or different VPCs? Public or private addressing? NAT gateways, Internet gateways, VPC peering, Direct Connects...?

There are a LOT of variables. Usually, access to a new instance is simple and Just Works. If it doesn't, look at what changes you may have made to the standard set up.

Regards, K.

On Fri, Aug 10, 2018 at 11:58 PM, Kiran Sonawane <kiransona...@gmail.com> wrote:

Hey,

I'm trying to SSH between two instances to practice Ansible on aws instances but I'm not able to create an ssh connection between instances. Can someone please  help me.

--

You received this message because you are subscribed to the Google Groups "Ansible Project" group.

To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscribe@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/0bc165b2-803c-48b7-85e0-e5ebb9db6faf%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--

Karl Auer

Email  : ka...@2pisoftware.com
Website: http://2pisoftware.com

GPG/PGP : 958A 2647 6C44 D376 3D63 86A5 FFB2 20BC 0257 5816
Previous: F0AB 6C70 A49D 1927 6E05 81E7 AD95 268F 2AB6 40EA