Probably ssh connection is not configured, to enable it go to elastic beanstalk instance:

Step 1: Go to EC2 dashboard
Identify which ec2 instance you want to connect to. Name of the instance should correspond to the name of the environment. E.g. myelasticbeanstalk-env.

EC2 Console

Step 2: Select the instance, click on the Security tab.

EC2 security tab

You probably don’t have a second line configured, ssh port 22. To enable it, Click on Security groups link (red circle on the image), and then Edit inbound rules.

Inbound rules list

Step 3: Add a new rule

Add a new rule, select ssh as type, select source as your own ip, click Save rules.

Add inbound rule

Go to eb dashboard Click on Configuration, then configure Security to allow connection to your key pair – select from the dropdown. Click on Apply, then Confirm, wait for ElasticBeanStalk to update your environment

Add key pair - Modify elastic beanstalk security

Step 4: Connect to your instance

You can connect to your ec2 instance with

ssh -i yourkeypair.pem ec2-user@<public-ec2-ip-address>.

You can see which ip address is assigned to your instance by:

EC2 Console 2

Don’t have a key pair certificate?

  1. Go to EC2 console

  2. In the navigation pane, under Network & Security, choose Key Pairs.

  3. Choose Create key pair.

  4. Store pem file somewhere on your computer.

  5. Change permissions to the pem file

    sudo chmod 400 yourkeypair.pem


What if you get a warning like this?

The authenticity of host 'x.x.x.x (x.x.x.x)' can't be established.
ECDSA key fingerprint is xxxxx
Are you sure you want to continue connecting (yes/no/[fingerprint])?
Permissions 0664 for 'yourkeypair.pem' are too open.

You didn’t change the permissions. sudo chmod 400 yourkeypair.pem. Try again.


Region used in links for this example is eu-central-1. Ip address of the ec2 instance changes with every elastic beanstalk environment rebuild, unless you assign a static source IP address.

Categories: DevOps

Notify of
Inline Feedbacks
View all comments