amazon-ec2 ansible windows-subsystem-for-linux

Port 22 timeout when pinging EC2 with Ansible


I'm working off WSL2 and a small EC2 instance with the RHEL-9.3.0_HVM-20231101-x86_64-5-Hourly2-GP2 AMI. The purpose is to learn Ansible.

When I ssh into my instance from WSL, everything works fine and the connection is established:

ssh -i "my_keys.pem" ec2-user@ec2-xx-xx-xx-x.region-nb.compute.amazonaws.com

However, when running:

ansible all --key-file ../my_keys.pem -i inventory -m ping

I'm getting an error:

xx.xx.xx.xx| UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: ssh: connect to host xx.xxx.xxx.xx port 22: Connection timed out",
    "unreachable": true
}

I double-checked the following:

  • Ansible's config
  • EC2 ports and allowed IPs

Here is output using -vvvv:

<xx.xxx.xxx.xx> ESTABLISH SSH CONNECTION FOR USER: None
<xx.xxx.xxx.xx> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o 'IdentityFile="/home/xyz/xyz/my_keys.pem"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/home/xyz/.ansible/cp/1f201fc9f0 xx.xxx.xxx.xx'/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
<xx.xxx.xxx.xx> (255, b'', b'OpenSSH_8.2p1 Ubuntu-4ubuntu0.11, OpenSSL 1.1.1f  31 Mar 2020\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files\r\ndebug1: /etc/ssh/ssh_config line 21: Applying options for *\r\ndebug2: resolve_canonicalize: hostname xx.xxx.xxx.xx is address\r\ndebug1: auto-mux: Trying existing master\r\ndebug1: Control socket "/home/xyz/.ansible/cp/1f201fc9f0" does not exist\r\ndebug2: ssh_connect_direct\r\ndebug1: Connecting to xx.xxx.xxx.xx [xx.xxx.xxx.xx] port 22.\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug1: connect to address xx.xxx.xxx.xx port 22: Connection timed out\r\nssh: connect to host xx.xxx.xxx.xxx port 22: Connection timed out\r\n')



"msg":
    "Failed to connect to the host via ssh: OpenSSH_8.2p1 Ubuntu-4ubuntu0.11, OpenSSL 1.1.1f  31 Mar 2020
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
    debug1: /etc/ssh/ssh_config line 21: Applying options for *
    debug2: resolve_canonicalize: hostname xx.xx.xxx.xx is address
    debug1: auto-mux: Trying existing master
    debug1: Control socket \"/home/xyz/.ansible/cp/1f201fc9f0\" does not exist
    debug2: ssh_connect_direct
    debug1: Connecting to xx.xxx.xxx.xx [xx.xxx.xxx.xx] port 22.
    debug2: fd 3 setting O_NONBLOCK
    debug1: connect to address xx.xxx.xx.xx port 22: Connection timed out
    ssh: connect to host xx.xxx.xxx.xx port 22: Connection timed out",

Thanks for any suggestions!


Solution

  • The inventory file, in the case of EC2, required the Public IPv4 DNS format.

    ansible_user can also be helpful to skip passing it with the CLI -u parameter.

    ec2-xx-xxx-xxx-xx.region-number.compute.amazonaws.com ansible_user=ec2-user
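
An added example, not part of the original question or answer: a preflight check that lints an INI inventory for the two things visible in this thread (a bare IP instead of the Public IPv4 DNS name, and no ansible_user, which is why the -vvvv output shows "USER: None") and classifies a TCP probe of port 22. The sample inventory, the address 10.0.1.25 and all function names are constructed for illustration; flagging private addresses is an assumption about one common cause of such timeouts, not something the thread states.

```python
import ipaddress
import socket

# Constructed sample: first host mimics a failing entry (bare IP, no
# ansible_user); the second follows the format given in the answer.
SAMPLE_INVENTORY = """\
[web]
10.0.1.25
ec2-xx-xxx-xxx-xx.region-number.compute.amazonaws.com ansible_user=ec2-user
"""

def parse_hosts(text):
    """Yield (host, vars) for each host line of an INI-style inventory."""
    in_hosts = True
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("["):
            in_hosts = ":" not in line  # skip [group:vars] / [group:children]
        elif line and in_hosts:
            host, *pairs = line.split()
            yield host, dict(p.split("=", 1) for p in pairs if "=" in p)

def lint_host(host, hostvars):
    """Return a list of findings for one inventory entry."""
    findings = []
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        addr = None  # a DNS name, as the answer recommends
    if addr is not None:
        kind = "private" if addr.is_private else "literal"
        findings.append(f"{kind} IP address; use the instance's Public IPv4 DNS name")
    if "ansible_user" not in hostvars:
        findings.append("no ansible_user; pass -u or set it in the inventory")
    return findings

def probe_ssh(host, port=22, timeout=5.0):
    """Classify TCP reachability as 'open', 'timeout', 'refused' or 'error'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except socket.timeout:
        return "timeout"   # packets dropped: security group rule or wrong address
    except ConnectionRefusedError:
        return "refused"   # host reachable, but nothing is listening on the port
    except OSError:
        return "error"     # DNS failure, no route, etc.

def lint_inventory(text):
    return {host: lint_host(host, hv) for host, hv in parse_hosts(text)}
```

A "timeout" result from probe_ssh points at the network path (address or security group), while "open" with a failing Ansible run points at user or key settings instead.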