AWS EC2 实例 - ssh“连接超时"怀疑 iptables [英] AWS EC2 Instance - ssh "Connection timed out" suspecting iptables

问题描述

我是防火墙的新手.我今天早些时候在 ec2 实例上玩 iptables，但现在我无法通过 ssh 连接 - 连接超时".控制台显示实例正在运行，ssh 密钥正常，ping 成功.所以我的结论是我可能在玩 iptables 时禁用/禁止了 ssh 端口连接.

I am new to firewalls. I was playing with iptables on ec2 instance earlier today but now I am unable to connect via ssh - "Connection timed out". The console shows the instance is running and the ssh keys are good, ping is successful. So my conclusion is that I might have disabled/disallowed the ssh port connections while playing with the iptables.

有没有办法在不完全重新安装的情况下撤消更改?

Is there a way to undo the changes without going for a complete re-install ?

注意:我无法访问 shell，因为我无法 ssh

Note: I don't have access to shell since I cannot ssh

推荐答案

从 AWS 控制台简单重启即可.希望您没有在实例中启用 iptables 服务，以便它在启动时启动.

A simple reboot from the AWS console should do. Hopefully you didn't enable the iptables service in the instance so that it starts at boot up.

如果您启用了 iptables 服务，您将不得不创建另一个实例，instance B(希望您使用的是 EBS 实例).还假设您的原始实例是 instance A:

If you enabled the iptables services you are going to have to create another instance, instance B (hopefully you are using EBS instances). Also assuming your original instance is instance A:

1. 从实例A
分离根EBS卷
2. 将该 EBS 卷附加到 实例 B，如/dev/xvdf
3. 在实例B上运行:mkdir -p/mnt/xvdf;挂载/dev/xvdf/mnt/xvdf
4. 修复安装在实例B
上/mnt/xvdf上的卷
5. 从实例B卸载卷:umount/mnt/xvdf
6. 以 root 身份将卷附加回 instance A.
7. 重启实例A

1. Detach the root EBS volume from instance A
2. Attach that EBS volume to instance B as say /dev/xvdf
3. On instance B run: mkdir -p /mnt/xvdf; mount /dev/xvdf /mnt/xvdf
4. Repair your volume mounted on /mnt/xvdf on instance B
5. Unmount volume from instance B : umount /mnt/xvdf
6. Attach volume back to instance A as root.
7. Restart instance A

如果您正在使用 instance-store 类型的实例，那您就不走运了.

If you are using instance-store types of instances you are out of luck.

这篇关于AWS EC2 实例 - ssh“连接超时"怀疑 iptables的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！