Connection refused on new EC2 Instance putty

Question

I've created an instance of a server on EC2 based on an AMI generated from an existing server. All goes well during the create, and I specify the same key for the new server as the old. However, when I try to connect to the new server via putty, I get a "connection refused" message. Also, I'm unable to ping to the public address, although I selected the "default" group which allows ICMP. The server status is "running". Any ideas why I can't connect?

Note that an nmap probe gives this output:

PORT      STATE  SERVICE
22/tcp    closed ssh
80/tcp    closed http
2144/tcp  closed unknown
10000/tcp closed snet-sensor-mgmt

I'm pretty sure this means that ssh isn't running, although the port is open. Any idea why it would be running on the system I did the AMI from, but not on the one the AMI was generated from? Shouldn't all the same services be starting?

Check the console output or boot messages or whatever the EC2 console is calling it these days. If that's not informative I'd check the network settings, for example what VPC it is in. — Samuel Edwin Ward
No idea where to find the console output...it's not in a VPC at all. — Jack BeNimble
In case anyone needs it later, the console output is available in the EC2 web GUI by selecting the instance and choosing "View System Log" from the instance actions menu per Amazon docs. — Samuel Edwin Ward
Yes, wish I had seen that earlier. It turned out to be the key to figuring out the issue (see my comment below) — Jack BeNimble

Jack BeNimble Jack BeNimble · Accepted Answer · 2015-02-12T02:23:22

It did turn out to be a security group/permissions issue. The default security group looks open, but actually shuts everything down, per this post:

https://serverfault.com/questions/245916/why-cant-i-ssh-or-ping-my-brand-new-amazon-ec2-instance

Connection refused on new EC2 Instance putty

3 Answers