Unable to ssh into Azure VM -- connection timed out
I am trying to create a VM with the Azure CLI and ssh into it from Azure Cloud Shell. I have followed the official guide (https://learn.microsoft.com/en-us/azure/virtual-machines/linux/quick-create-cli) by running these commands:
$ az group create --name myGroupName --location westus2
$ az vm create --resource-group myGroupName --name myVmName --image UbuntuLTS --admin-username azureuser --generate-ssh-keys
However, when try to connect via ssh with the public IP address reported by the second command above, the connection times out:
$ ssh -vvv azureuser@publicIpAddress
OpenSSH_7.2p2 Ubuntu-4ubuntu2.10, OpenSSL 1.0.2g 1 Mar 2016
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "publicIpAddress" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to publicIpAddress [publicIpAddress] port 22.
debug1: connect to address publicIpAddress port 22: Connection timed out
ssh: connect to host publicIpAddress port 22: Connection timed out
Any suggestions on what I am doing wrong?
In addition, I have tried running these commands in Powershell on my local machine. I have found that after I create a new resource group, and then launch a VM, I am able to ssh into the VM using Powershell. But when I disconnect from the VM and then try to ssh back into it, I am unable to re-connect since it results in the timeout error. If I try to create a new VM under the same resource group, I am unable to ssh into it at all. If instead, I create a new resource group and a new VM, I can ssh into it the first time, but not on subsequent tries.
As far as I know, you could check if there is an NSG automatically associated with your VM NIC or subnet by Azure policy or others in your current subscription after you create the Azure VM. Probably, it adds some inbound port rules in the NSG to blocking the network connection. If you want to SSH into your Azure VM. it must have a higher priority inbound rule to allow access port 22 as below. You also could add your client public IP as the source in the rule to narrow the limitation.
- VM has reported a failure when processing extension AzureDiskEncryption
- How to pass secrets downloaded from Azure KeyVault as parameters to an Azure Function?
- Trigger / queue build policy pipeline on ADO PR with Azure CLI
- Azure AD B2C Password Reset
- Batch create mailbox folders with GRAPH API (from Graph Explorer)
- Azure Web App on Linux: "Error: Container didn't respond to HTTP pings on port: 8080" - when using: "start": "pm2 start server.js"
- How can I apply name=value tags to service principals in Azure?
- Visual Studio Code: Could not find $web blob container for storage account
- Error when registering data factory integration runtime on windows VM
- Retrieve list of repositories and their tag versions in one call
- Getting Error while running Azure DevOps Pipeline "Error: building account: could not acquire access token to parse claims: clientCredentialsToken
- Create Resource Group with Azure Management C# API
- Azure LDAP Authentication Connection Refused On Cloud Server or Other Desktops
- Create a gpu nodepool on azure with a student account
- How to set redirect URLs to b2clogin.com for Azure Active Directory B2C in React JS application
- Cannot connect to SQL Server from logic app
- How to Resolve Errors When Running Python Jobs in Azure App Service WebJobs
- How do I open Kudu console in Azure functions consumption plan?
- Azure AutoML Image Classification Job
- Onedrive GRAPH API - 403 when getting user's OneDrive
- Azure Government Get incidents returns 401 Forbidden
- Delta Table Partitioning - why only for tables bigger than 1 TB
- How to check if an Azure storage queue has messages
- Azure WAF exclusion, what's the difference between RequestArgNames and RequestArgValues?
- How to order results of a query by the results of an aggregate function in ComosDb?
- Azure routing between different subscriptions - force one, common outbound IP and share Site-to-site (IPSec) defined in Virtual network gateway
- Bot Framework Python SDK ErrorResponseException: Operation returned an invalid status code 'Unauthorized'
- Azure DevOps - Create a work item from incoming email
- Error: "OrganizationFromTenantGuidNotFound" (even with Microsoft 365 subscription)
- How do I fix SerializationNotSupportedParentType and ThrowNotSupportedException_ConstructorContainsNullParameterNames exception in System.Text.Json?