Packet is not connecting to private AWS EC2

Venkat1505 · January 20, 2021, 9:10pm

I am using the AWS Code build for creating Golden-ami using packer. We have a Windows bastion host for connecting private Ec2 Linux instances in AWS VPC. So my packer needs to connect EC2 in the private subnet via windows bastion host. Bastion host is in public subnet.

I am getting the below SSH timed out error when i am running the pipeline.

“associate_public_ip_address”: “true”,
“vpc_id”: “",
“subnet_id”: "”,
“security_group_id”: “sg-",
“ssh_interface”: “private_ip”,
“communicator”: “ssh”,
“ssh_bastion_username”: "",
“ssh_bastion_password”: "",
“ssh_bastion_host”:"**********”,
“ssh_bastion_port”:“3389”,
“ssh_bastion_agent_auth”: “true”

2021/01/20 20:37:09 packer: 2021/01/20 20:37:09 [INFO] Not using winrm communicator, skipping get password…
2021/01/20 20:37:09 packer: 2021/01/20 20:37:09 [INFO] Waiting for SSH, up to timeout: 5m0s
==> AWS AMI Builder - CIS: Pausing after run of step ‘StepRunSourceInstance’. Press enter to continue. ==> AWS AMI Builder - CIS: Pausing after run of step ‘StepGetPassword’. Press enter to continue. ==> AWS AMI Builder - CIS: Using ssh communicator to connect: 10.112.14.196
2021/01/20 20:37:09 ui error: ==> AWS AMI Builder - CIS: Error waiting for SSH: Error configuring bastion: SSH_AUTH_SOCK is not set
==> AWS AMI Builder - CIS: Waiting for SSH to become available…
==> AWS AMI Builder - CIS: Error waiting for SSH: Error configuring bastion: SSH_AUTH_SOCK is not set
==> AWS AMI Builder - CIS: Pausing before cleanup of step ‘StepGetPassword’. Press enter to continue. ==> AWS AMI Builder - CIS: Pausing before cleanup of step ‘StepRunSourceInstance’. Press enter to continue. ==> AWS AMI Builder - CIS: Terminating the source AWS instance…

tbugfinder · January 20, 2021, 10:57pm

Could you check security group configurations and also WIN OpenSSH installation?

Venkat1505 · January 20, 2021, 11:59pm

Security group allows SSH 22 from bastion host only.

Can you tell me where to check WIN OpenSSH installation?

tbugfinder · January 21, 2021, 10:20pm

You could start here or use a Linux bastion or run packer on the bastion.

Installation of OpenSSH For Windows Server | Microsoft Docs

ae07177 · July 26, 2023, 11:09am

You do not need bastion hosts. You need to change “ssh_interface” to “session_manager”
which uses AWS SSM portforwarding in the background.
For OpenSSH installation you can refer to this article

gist.github.com

https://gist.github.com/pascal-hofmann/53e9f417e843384563f428dadcb3fd27

00-configure-source-ssh.ps1

<powershell>
# Version and download URL
$openSSHVersion = "7.6.1.0p1-Beta"
$openSSHURL = "https://github.com/PowerShell/Win32-OpenSSH/releases/download/v$openSSHVersion/OpenSSH-Win64.zip"

Set-ExecutionPolicy Unrestricted

# GitHub became TLS 1.2 only on Feb 22, 2018
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12;

This file has been truncated. show original

win-server-2016.json

{
  "variables": {
    "aws_access_key_id": "{{env `AWS_ACCESS_KEY_ID`}}",
    "aws_secret_access_key": "{{env `AWS_SECRET_ACCESS_KEY`}}",
    "aws_account_id": "{{env `AWS_ACCOUNT_ID`}}",
    "region": "{{env `AWS_REGION`}}",
    "ssh_username": "Administrator",
    "image_name": "windows-server-2016-base",
    "subnet_id": "{{env `SUBNET_ID`}}",
    "security_group_id": "{{env `SECURITY_GROUP_ID`}}"

This file has been truncated. show original

Topic		Replies	Views
SSH communicator with bastion host ignores settings and tries to connect directly Packer	0	476	March 30, 2022
Packer build issue with SSH bastion host Packer	0	203	April 11, 2024
AWS - packer - ssh timeout error Packer	3	2788	June 21, 2023
We are trying to use packer latest version 1.9.1 or 1.8.x in our pipelines and running into below issue Packer	1	261	July 27, 2023
Packer not able to take SSH Packer	0	488	July 17, 2022

Packet is not connecting to private AWS EC2

Related topics