连接 (ssh) 到 AWS EC2 实例时出现问题

Problem with connecting (ssh) to an AWS EC2 instance

# Template format version; "2010-09-09" is the only value CloudFormation accepts.
AWSTemplateFormatVersion: "2010-09-09"

# Address plan for the stack. Each default can be overridden at deploy time.
Parameters:

  # Address range of the whole VPC; both subnet ranges must fall inside it.
  VPCCIDR:
    Type: String
    Default: 10.1.0.0/16

  # Range used by PrivateSubnet.
  PrivateSubnetCIDR:
    Type: String
    Default: 10.1.1.0/24

  # Range used by PublicSubnet.
  PublicSubnetCIDR:
    Type: String
    Default: 10.1.2.0/24
  

Resources:

  # The network that every other resource in this template is placed in.
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: !Ref VPCCIDR
      Tags:
        - Key: Name
          Value: VPC

  # Subnet for the private instance. It is associated with PrivateRouteTable,
  # whose default route points at the NAT instance rather than the internet
  # gateway.
  PrivateSubnet:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: !Ref PrivateSubnetCIDR
      Tags:
        - Key: Name
          Value: PrivateSubnet

  # Subnet for the NAT instance, the jump box and the public instance.
  # MapPublicIpOnLaunch is not set, so an instance here is reachable from the
  # internet only if it requests a public IP itself or receives an Elastic IP.
  PublicSubnet:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: !Ref PublicSubnetCIDR
      Tags:
        - Key: Name
          Value: PublicSubnet

  # Internet gateway; it carries no traffic until GatewayAttachment binds it
  # to the VPC and a route table points at it.
  InternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: InternetGateway

  # Attaches the internet gateway to the VPC.
  GatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref VPC
      InternetGatewayId: !Ref InternetGateway

  # Route table for the public subnet; its default route is the Route resource.
  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: PublicRouteTable

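  # Default route of the public route table: all non-local traffic leaves
  # through the internet gateway.
  Route:
    Type: AWS::EC2::Route
    # The route references the gateway but not its attachment, so without this
    # CloudFormation may try to create the route before the gateway is
    # attached to the VPC and the stack can fail intermittently.
    DependsOn: GatewayAttachment
    Properties:
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway
      RouteTableId: !Ref PublicRouteTable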

  # Binds the public subnet to the route table that has the internet route.
  PublicRouteAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnet
      RouteTableId: !Ref PublicRouteTable
  
  # Security group of the NAT instance. The single ingress rule admits every
  # protocol and port, but only from the private subnet's CIDR. There is no
  # SSH rule for the jump box or any outside address, so the NAT instance
  # itself cannot be reached over SSH. No SecurityGroupEgress is declared, so
  # the default allow-all egress rule applies.
  NatSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupName: NatSecurityGroup
      GroupDescription: 'Nat Security Group'
      VpcId: !Ref VPC
      SecurityGroupIngress:
        - Description: 'Private Subnet traffic'
          CidrIp: !Ref PrivateSubnetCIDR
          IpProtocol: -1
          FromPort: -1
          ToPort: -1
      Tags:
        - Key: Name
          Value: NatSecurityGroup

  # Instance in the public subnet that the private route table uses as its
  # default gateway (see NATRoute). Its public address comes from the EIP
  # resource.
  # NOTE(review): the template cannot show whether this AMI is actually set up
  # for NAT (IP forwarding / masquerading) - confirm before relying on it.
  NatInstance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: ami-003acd4f8da7e06f9
      InstanceType: t2.micro
      # Key pair that must already exist in the target region; the template
      # does not create it.
      KeyName: marjan
      SubnetId: !Ref PublicSubnet
      SecurityGroupIds:
        - !Ref NatSecurityGroup
      # Disabled so the instance may forward packets whose source or
      # destination is not its own address.
      SourceDestCheck: false
      Tags:
        - Key: Name
          Value: NatInstance

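  # Elastic IP that gives the NAT instance its public address.
  EIP:
    Type: AWS::EC2::EIP
    # An Elastic IP in a VPC defined in the same template has to wait for the
    # gateway attachment; Ref to the instance alone does not order it after
    # the attachment.
    DependsOn: GatewayAttachment
    Properties:
      InstanceId: !Ref NatInstance
      Tags:
        - Key: Name
          Value: EIP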

  # Route table for the private subnet; its default route is NATRoute.
  PrivateRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: PrivateRouteTable

  # Default route of the private route table: non-local traffic from the
  # private subnet is sent to the NAT instance, not to the internet gateway.
  NATRoute:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PrivateRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      InstanceId: !Ref NatInstance

  # Binds the private subnet to the route table that routes through the NAT
  # instance.
  PrivateRouteAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PrivateSubnet
      RouteTableId: !Ref PrivateRouteTable
  
  # Security group of the jump box: SSH (tcp/22) from one /32 and nothing
  # else. A security group silently drops traffic that matches no rule, so a
  # client whose public address differs from this /32 sees a connection
  # timeout, not a refusal. The address must be the one AWS sees for the
  # client (after any NAT, proxy or VPN) - verify it before deploying.
  JumpBoxSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupName: JumpBoxSG
      GroupDescription: 'JumpBox Security Group'
      VpcId: !Ref VPC
      SecurityGroupIngress:
        - Description: 'SSH'
          CidrIp: 62.162.179.210/32
          IpProtocol: tcp
          FromPort: 22
          ToPort: 22
      Tags:
        - Key: Name
          Value: JumpBoxSecurityGroup


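  # Jump box: the only instance that accepts SSH from outside the VPC. The
  # other instances admit port 22 only from JumpBoxSecurityGroup.
  JumpBoxEC2Instance:
    Type: AWS::EC2::Instance
    # An instance with a public IP has to wait for the gateway attachment;
    # nothing in Properties references it, so the ordering is made explicit.
    DependsOn: GatewayAttachment
    Properties:
      ImageId: ami-08e4e35cccc6189f4
      InstanceType: t2.micro
      # The subnet and security group are given on the network interface
      # because the public IP is requested there.
      NetworkInterfaces:
        - AssociatePublicIpAddress: "true"
          DeviceIndex: "0"  # assigns a public IP address on the first interface
          SubnetId: !Ref PublicSubnet
          GroupSet:
            - !Ref JumpBoxSecurityGroup
      # Key pair that must already exist in the target region.
      KeyName: marjan
      Tags:
        - Key: Name
          Value: JumpBoxEC2Instance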


# End of the networking section
  
  # Security group of the public instance: HTTP (tcp/80) from any IPv4
  # address, SSH (tcp/22) only from instances that carry
  # JumpBoxSecurityGroup. There is no direct SSH path from the internet.
  PublicEC2SecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: 'EC2Public'
      VpcId: !Ref VPC
      SecurityGroupIngress:
        - Description: 'http'
          CidrIp: 0.0.0.0/0
          IpProtocol: tcp
          FromPort: 80
          ToPort: 80
        - Description: 'ssh Jumpbox'
          SourceSecurityGroupId: !Ref JumpBoxSecurityGroup
          IpProtocol: tcp
          FromPort: 22
          ToPort: 22
      Tags:
        - Key: Name
          Value: PublicEC2SecurityGroup



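  # Public-facing instance. It gets a public IP, but its security group admits
  # only HTTP from the internet; SSH has to come through the jump box.
  PublicEC2Instance:
    Type: AWS::EC2::Instance
    # An instance with a public IP has to wait for the gateway attachment;
    # nothing in Properties references it, so the ordering is made explicit.
    DependsOn: GatewayAttachment
    Properties:
      ImageId: ami-0022f774911c1d690
      InstanceType: t2.micro
      NetworkInterfaces:
        - AssociatePublicIpAddress: "true"
          DeviceIndex: "0"
          SubnetId: !Ref PublicSubnet
          GroupSet:
            - !Ref PublicEC2SecurityGroup
      # Key pair that must already exist in the target region.
      KeyName: marjan
      Tags:
        - Key: Name
          Value: PublicEC2Instance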

   
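  # Security group of the private instance: MySQL (tcp/3306) only from
  # instances carrying PublicEC2SecurityGroup, SSH (tcp/22) only from
  # instances carrying JumpBoxSecurityGroup. No rule admits a CIDR range.
  PrivateEC2SecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      # Was 'EC2Public', copied from PublicEC2SecurityGroup; the description
      # is what an auditor sees in the console, so it should name this group.
      GroupDescription: 'EC2Private'
      SecurityGroupIngress:
        - SourceSecurityGroupId: !Ref PublicEC2SecurityGroup
          Description: 'MySQL From Public EC2'
          FromPort: 3306
          ToPort: 3306
          IpProtocol: tcp
        - SourceSecurityGroupId: !Ref JumpBoxSecurityGroup
          Description: 'SSH From JumpBox'
          FromPort: 22
          ToPort: 22
          IpProtocol: tcp
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: PrivateEC2SecurityGroup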


  # Instance in the private subnet. It requests no public IP, and its security
  # group admits SSH only from JumpBoxSecurityGroup, so the only SSH path to
  # it is a hop through the jump box.
  PrivateEC2tInstance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: ami-0022f774911c1d690
      InstanceType: t2.micro
      # Key pair that must already exist in the target region.
      KeyName: marjan
      SubnetId: !Ref PrivateSubnet
      SecurityGroupIds:
        - !Ref PrivateEC2SecurityGroup
      Tags:
        - Key: Name
          Value: PrivateEC2tInstance
   
    

这是我的代码。我无法连接到 jumpbox 实例:该实例正在运行,但当我尝试连接时,它提示“连接到主机 54.145.162.171 端口 22:连接超时”。

我正在使用屏幕截图上的命令,我不知道是什么导致了这个问题,我无法通过 ssh 连接到任何东西。如果有人知道如何解决这个问题或有一些解决方法,请告诉我。

除了您把 JumpBoxEC2Instance 限制为只能从 62.162.179.210/32 访问之外,其他一切都没有问题。即使您认为这是您的地址,它也可能并不是您的真实地址。请仔细核对您的 IP,或者按如下所示修改安全组(SG),这样应该就可以连接了:

  # Variant proposed in the answer: port 22 is opened to every IPv4 address,
  # which shows whether the /32 rule was the cause of the timeout. Once the
  # connection works, narrow CidrIp back to the verified client address (or a
  # small trusted range) rather than leaving SSH reachable from anywhere.
  JumpBoxSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupName: JumpBoxSG
      GroupDescription: 'JumpBox Security Group'
      VpcId: !Ref VPC
      SecurityGroupIngress:
        - Description: 'SSH'
          CidrIp: 0.0.0.0/0
          IpProtocol: tcp
          FromPort: 22
          ToPort: 22
      Tags:
        - Key: Name
          Value: JumpBoxSecurityGroup