{"id":11820,"date":"2022-05-09T15:18:19","date_gmt":"2022-05-09T15:18:19","guid":{"rendered":"https:\/\/blog.cloudthat.com\/?p=11820"},"modified":"2024-06-25T11:01:10","modified_gmt":"2024-06-25T11:01:10","slug":"how-to-fix-ssh-issues-unreachable-linux-instance-using-aws-systems-manager","status":"publish","type":"blog","link":"https:\/\/www.cloudthat.com\/resources\/blog\/how-to-fix-ssh-issues-on-your-unreachable-linux-instance-using-aws-systems-manager","title":{"rendered":"How To Fix SSH Issues On Your Unreachable Linux Instance Using AWS Systems Manager"},"content":{"rendered":"

1. Introduction<\/h2>\n

In this blog, we are going to learn how to use EC2Rescue for Linux\u00a0<\/a>to fix unreachable Linux instances. With this method, we can rescue even the EC2 Instances that are not associated with AWS System Manager.<\/p>\n

Explore more about AWS System Manager with this blog: Step by Step Guide: Centralized Multi-Account OS Patching using AWS Systems Manager.\u00a0<\/strong><\/a><\/p>\n

In this method, AWS will launch one CloudFormation stack behind and create a new VPC and launch an EC2RescueInstance for rescuing our Unreachable Instance. Once it is available, It will stop the unreachable Instance. Then it stops the Instance and creates the backup of unreachable Instances. Once it is finished, It will detach the root volume from the Unreachable Instance and attached it to the Rescue instance. Then it will locate the rescue device and then mount the rescue volume. It will run the following commands:<\/p>\n

'\/mnt\/mount\/etc\/resolv.conf' -> '\/mnt\/mount\/etc\/resolv.conf.back'\r\n'\/etc\/resolv.conf' -> '\/mnt\/mount\/etc\/resolv.conf'\r\n'\/mnt\/mount\/usr\/bin\/ec2rl' -> '\/usr\/local\/ec2rl-1.1.5\/ec2rl'\r\n<\/pre>\n
It will Start chroot and\u00a0 Run EC2 Rescue for Linux. Then it will stop the Rescue Instance and detached the Instance Root Volume From EC2RescueInstance. Once it has been done, it will attach Instance Root Volume To Instance and will restore Instance to its Initial State. Then Cloudformation will delete the stack which was created for the rescue operation.<\/p>\n
2. Workflow<\/h3>\n
    \n
  1. For Demonstration, I have changed \u00a0My Ec2 Instance \/home\u00a0directory permissions to\u00a0777.\u00a0<\/em>(As a best practice, create an AMI for the unreachable Instance before running this Automation)
    \n    \"AWS<\/a><\/li>\n
  2. I\u00a0have tried to log in to my Instance again, and now I cannot SSH and get a \u201cPermission denied\u201d error
    \n    \"AWS<\/a>
    \n<\/em><\/li>\n
  3. Here, we will use the \u201cAWSSupport-ExecuteEC2Rescue\u201d Automation Document to fix this issue:<\/strong><\/li>\n
  4. Go to AWS Console and Open the Systems Manager<\/a><\/li>\n
  5. From the left menu pane, choose Automation and then select Execute Automation
    \n    \"AWS<\/a>
    \n    \"Fig:<\/a><\/li>\n
  6. Select \u201cSelf service support workflows\u201d from the Automation section
    \n    \"Fig:<\/a><\/li>\n
  7. Then choose \u201cAWSSupport-ExecuteEC2Rescue\u201d and click\u00a0\u201cNext\u201d
    \n    \"Fig:<\/a><\/li>\n
  8. Next, collect the Instance ID of our Unreachable Instance and provide it in the parameter section
    \n    \"Fig:<\/a><\/li>\n
  9. Click the\u00a0Execute\u00a0button to start Automation
    \n    \"Fig:<\/a><\/li>\n
  10. Once you click the\u00a0\u201cExecute\u201d\u00a0button, the\u00a0Automation\u00a0will start, and you can see the Status\u00a0\u201cIn Progress\u201d:
    \n    \"Fig:<\/a><\/li>\n
  11. We can expand the executed steps to see more details ( Linux Instances will have a \u201cFailed\u201d status for the first step every time.)
    \n    \"Fig:<\/a><\/li>\n
  12. It will execute several Steps to recover our Unreachable Instance. Initially, it creates the Rescue Instance, and then It will Stop our Unreachable Instance
    \n    \"Fig:<\/a><\/li>\n
  13. Now It will detach the Root volume from the Unreachable Instance and attach it to Rescue Instance
    \n    \"Fig:<\/a><\/li>\n
  14. Once it is attached, the procedure\u00a0runs\u00a0EC2Rescue for Linux<\/a>over rescue Instance to fix the issue.<\/li>\n
  15. Monitor the Overall Status of the Procedure using the\u00a0Execution Status\u00a0tab under\u00a0Automation Executions, and wait for it to get\u00a0\u201cSuccess\u201d, which marks it as complete
    \n    \"Fig:<\/a><\/li>\n
  16. Now we can try to connect to our Original Instance,
    \n    \"Fig:<\/a><\/li>\n<\/ol>\n
    3. Conclusion:<\/h3>\n
    With this method, you can log in to your EC2 Instance successfully. AWSSupport-ExecuteEC2Rescue\u00a0 is a new method that automates every step required to fix common issues on our unreachable Linux instance utilizing respective EC2Rescue for Linux.<\/p>\n
    4. About CloudThat:<\/h3>\n
    CloudThat<\/a>\u00a0<\/strong>is the authorized AWS Well-Architected Partner, helping other businesses build secure, high-performing, resilient, and efficient infrastructures for their application and workloads.<\/p>\n
    CloudThat\u00a0<\/strong><\/a>is also the official AWS (Amazon Web Services) Advanced Consulting Partner and Training partner and Microsoft gold partner, helping people develop knowledge of the cloud and help their businesses aim for higher goals using best in industry cloud computing practices and expertise. We are on a mission to build\u00a0a robust\u00a0cloud computing ecosystem by disseminating\u00a0knowledge on technological intricacies within the cloud space.\u00a0Our blogs, webinars,\u00a0case studies, and white papers\u00a0enable all the stakeholders in the cloud computing sphere.<\/p>\n
    Drop a query if you have any questions and I will get back to you quickly. To get started, go through\u00a0our\u00a0<\/strong>Expert Advisory<\/strong>\u00a0<\/a>page\u00a0and\u00a0Managed Services Package<\/strong><\/a>\u00a0that is\u00a0CloudThat<\/a>\u2019s<\/strong>\u00a0offerings.<\/p>\n","protected":false},"author":236,"featured_media":11999,"parent":0,"comment_status":"open","ping_status":"open","template":"","blog_category":[3606,3607],"user_email":"deepaks@cloudthat.com","published_by":"324","primary-authors":"","secondary-authors":"","acf":[],"_links":{"self":[{"href":"https:\/\/www.cloudthat.com\/resources\/wp-json\/wp\/v2\/blog\/11820"}],"collection":[{"href":"https:\/\/www.cloudthat.com\/resources\/wp-json\/wp\/v2\/blog"}],"about":[{"href":"https:\/\/www.cloudthat.com\/resources\/wp-json\/wp\/v2\/types\/blog"}],"author":[{"embeddable":true,"href":"https:\/\/www.cloudthat.com\/resources\/wp-json\/wp\/v2\/users\/236"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cloudthat.com\/resources\/wp-json\/wp\/v2\/comments?post=11820"}],"version-history":[{"count":1,"href":"https:\/\/www.cloudthat.com\/resources\/wp-json\/wp\/v2\/blog\/11820\/revisions"}],"predecessor-version":[{"id":42719,"href":"https:\/\/www.cloudthat.com\/resources\/wp-json\/wp\/v2\/blog\/11820\/revisions\/42719"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.cloudthat.com\/resources\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/www.cloudthat.com\/resources\/wp-json\/wp\/v2\/media?parent=11820"}],"wp:term":[{"taxonomy":"blog_category","embeddable":true,"href":"https:\/\/www.cloudthat.com\/resources\/wp-json\/wp\/v2\/blog_category?post=11820"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}