Network Error: Connection refused — AWS

Mohamed Jawad P
May 28 · 2 min read

Have you faced Fatal Error while accessing your AWS EC2 instances? What are the alternatives if the SSH access fails to the EC2 instance?

Suppose you are an AWS infra deployment person in your organization and if suddenly one of your customers says that he can’t access his application server and also getting the Fatal Error — “Network error: Connection refused”, then what should be the response from you to the customer?

Firstly, you will check the security groups and network connectivities to the instance, once it’s ok, then you need to try and connect to the instance using AWS SSM Session Manager if all the prerequisites are met.

In this scenario, If you connected with AWS SSM Session Manager, still you can’t able to access any users of that instance. This could be very challenging because there are no other methods to connect that instance.

Error Details:

While the customer is setting up their application on Linux machine, there are multiple application files and folders are created in the machine. Normally the application files will be in /mnt or /opt directories. Some of the customers keep their application configuration files in /etc folder.

Here, some of the applications will create an application user and the application will run and access the application files using this application user. This application user also tries to access the application configuration file which is inside /etc folder. You will get the error as “permission denied” because folder /etc can only be accessed by root users.

So, Some of the clients who are not familiar with Linux file permissions, they will perform “sudo chmod -R 777 /” or “sudo chmod -R 777 /etc” commands to allow the permission to the application users to access the /etc folder, which sounds pretty straightforward, right?

Many don’t realize that the above step will do more harm than good.

Solution:

There is only one solution for this error which is detaching the root volume of that instance and attach that root volume to the newly launched Linux instance. Then mount that volume into the Linux machine and change the permission of the files and folders as previous.

Conclusion:

The configuration file of the application is not mandatory to be kept inside /etc. You can also use other directories to keep the application configuration files as well. The only thing you need to change is the configuration file path in the application.

Tensult Blogs

Stories on Cloud computing, Analytics, Automation and Security

Mohamed Jawad P

Written by

AWS Certified | Cloud Engineer | Automation | Linux Admin | Network Engineer

Tensult Blogs

Stories on Cloud computing, Analytics, Automation and Security