Why can't I ssh to my Elastic Beanstalk instance?

Probably ssh connection is not configured, to enable it go to elastic beanstalk instance:

Table of Contents

Step 1: Go to EC2 dashboard

https://eu-central-1.console.aws.amazon.com/ec2/v2/home.
Identify which ec2 instance you want to connect to. Name of the instance should correspond to the name of the environment. E.g. myelasticbeanstalk-env.

EC2 Console

Step 2: Select the instance, click on the Security tab.

EC2 security tab

You probably don’t have a second line configured, ssh port 22. To enable it, Click on Security groups link (red circle on the image), and then Edit inbound rules.

Inbound rules list

Step 3: Add a new rule

Add a new rule, select ssh as type, select source as your own ip, click Save rules.

Add inbound rule

Go to eb dashboard https://eu-central-1.console.aws.amazon.com/elasticbeanstalk/home. Click on Configuration, then configure Security to allow connection to your key pair – select from the dropdown. Click on Apply, then Confirm, wait for ElasticBeanStalk to update your environment

Add key pair - Modify elastic beanstalk security

Step 4: Connect to your instance

You can connect to your ec2 instance with

ssh -i yourkeypair.pem ec2-user@<public-ec2-ip-address>.

You can see which ip address is assigned to your instance by:

going back to ec2 dashboard – https://eu-central-1.console.aws.amazon.com/ec2/v2/home.
Select your instance.
See the green circle in the image below?
That’s your public-ec2-ip-address.

EC2 Console 2

Don’t have a key pair certificate?

Go to EC2 console
In the navigation pane, under Network & Security, choose Key Pairs.
Choose Create key pair.
Store pem file somewhere on your computer.
Change permissions to the pem file
```
sudo chmod 400 yourkeypair.pem
```

Troubleshooting

What if you get a warning like this?

The authenticity of host 'x.x.x.x (x.x.x.x)' can't be established.
ECDSA key fingerprint is xxxxx
Are you sure you want to continue connecting (yes/no/[fingerprint])?
yes
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0664 for 'yourkeypair.pem' are too open.

You didn’t change the permissions. sudo chmod 400 yourkeypair.pem. Try again.

Conclusion

Region used in links for this example is eu-central-1. Ip address of the ec2 instance changes with every elastic beanstalk environment rebuild, unless you assign a static source IP address.

By the way, curious about how I know so much? I read a lot! Get yourself a Kindle and enjoy the reading experience of a real book. I still use my Paperwhite 4 – battery lasts forever, it’s very lightweight and has an adjustable reading light.

Alternatively, subscribe to O’Reilly books and get access to a large database of reading and video material. Unfortunately O’Reilly isn’t suited for Kindle, but they offer a handy app you can download and read from your phone. Anyway, I use both my Kindle and O’Reilly. I read many books at once, and never read from beginning to end, but that’s my defect 😀

Why can’t I ssh to my Elastic Beanstalk instance?

Published by Ana Bujan on December 15, 2022December 15, 2022