How do I troubleshoot problems connecting to my EC2 Linux instance using SSH?

Issue

I have created and launched an EC2 Linux instance, but I can’t connect to the instance using SSH or utilities that connect over SSH such as PuTTY. When I attempt to connect from the Linux command shell, the connection attempt hangs, and when I connect using the PuTTY client an error similar to the following is displayed in the PuTTY client user interface:

Network error: Connection timed out

Short Description

Both problems indicate that you are unable to access your EC2 instance from your current IP address using SSH.

Network connectivity to an EC2 instance is not enabled by default. You need to make some configuration changes in your VPC in the AWS Management Console.

Resolution

To ensure that you can connect to your EC2 Linux instance using SSH, first verify that your Security Group(s) permit access to your EC2 instance over SSH from your IP address.

1. Sign in to your AWS account, and open the Amazon EC2 console.
2. In the navigation pane, choose Instances.
3. Find the EC2 instance you want to connect to via SSH.
4. In the Description tab at the bottom of the screen, select the security group for the EC2 instance you are trying to connect to.
5. In the Inbound tab in the pane at the bottom of the screen, ensure that you have a rule that allows SSH from your current public IP.
   Note: If you’re not sure what your current IP is, type "my ip" into your preferred search engine, and note the IP that’s returned. Also, most devices display the IP address currently assigned to them in their network settings.
6. If the IP your device is using isn’t in the list, choose Edit, then Add rule.
7. For Source, choose My IP.
8. Choose Save.

Next, make sure your VPC route table is configured to allow traffic to and from the Internet.

1. Open the Amazon VPC console.
2. In the navigation pane, choose Route Tables and then select your VPC route table from the list.
3. On the Routes tab, ensure that you have a default route pointing to your Internet gateway (IGW).
4. If you do not see this, choose Internet Gateways from the navigation pane and copy the ID of your Internet gateway. If you do not have an Internet gateway, create one and attach it to your VPC. Be sure to copy the ID of the new IGW.
5. Go back to Route Tables and select the Routes tab.
6. Edit and create a route that points 0.0.0.0/0 to your Internet gateway ID.
7. Save the route table.

If you have completed these steps and you are still unable to connect to your EC2 instance, make sure the SSH daemon is running on the EC2 instance, and that it is configured to listen on the default port (TCP 22). For more information on troubleshooting connectivity issues, see Troubleshooting Connecting to Your Instance, or create a case with AWS Support.
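
The two console checks in the Resolution (an inbound SSH rule that covers your IP, and a default route to an Internet gateway) can also be run against the JSON returned by `aws ec2 describe-security-groups` and `aws ec2 describe-route-tables`. This is an added example, not part of the original article: the sample data and IDs are constructed, the function names are hypothetical, and only IPv4 rules are considered.

```python
import ipaddress

# Constructed sample data, shaped like the JSON from
# `aws ec2 describe-security-groups` / `describe-route-tables`; IDs are placeholders.
SAMPLE_GROUP = {"GroupId": "sg-EXAMPLE", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}]},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
]}
SAMPLE_ROUTE_TABLE = {"RouteTableId": "rtb-EXAMPLE", "Routes": [
    {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
    {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-EXAMPLE", "State": "active"},
]}


def ssh_sources(group, port=22):
    """IPv4 CIDRs whose inbound rules cover TCP `port`."""
    cidrs = []
    for perm in group.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        # "-1" means all protocols and ports; otherwise the port must be in range.
        covers = proto == "-1" or (
            proto == "tcp" and perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535))
        if covers:
            cidrs.extend(r["CidrIp"] for r in perm.get("IpRanges", []))
    return cidrs


def ssh_allowed_from(group, my_ip, port=22):
    """True if `my_ip` is inside any CIDR allowed to reach `port`."""
    addr = ipaddress.ip_address(my_ip)
    return any(addr in ipaddress.ip_network(c, strict=False)
               for c in ssh_sources(group, port))


def has_default_route_to_igw(route_table):
    """True if an active 0.0.0.0/0 route targets an Internet gateway."""
    return any(r.get("DestinationCidrBlock") == "0.0.0.0/0"
               and r.get("GatewayId", "").startswith("igw-")
               and r.get("State") == "active"
               for r in route_table.get("Routes", []))


if __name__ == "__main__":
    print("SSH from 203.0.113.10:", ssh_allowed_from(SAMPLE_GROUP, "203.0.113.10"))
    print("SSH from 198.51.100.7:", ssh_allowed_from(SAMPLE_GROUP, "198.51.100.7"))
    print("SSH open to 0.0.0.0/0:", "0.0.0.0/0" in ssh_sources(SAMPLE_GROUP))
    print("default route to IGW:", has_default_route_to_igw(SAMPLE_ROUTE_TABLE))
```

The third line of output reports whether SSH is reachable from any address, which is broader than the My IP source the steps above select.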