I changed the default listening port for OpenSSH. Later on, I forgot that I had SELinux off for testing, and when I turned it back on I couldn’t ssh to the EC2 instance.
- Stop the broken instance.
- Detach the EBS (root) volume of the broken instance.
- Start a new EC2 instance in the same region that runs the same OS as the broken instance.
- Attach the original EBS root volume as a secondary volume to your new instance.
- Mount the broken volume somewhere on the new instance, then set SELinux to permissive mode in the config file on that volume.
- Once you’ve set permissive mode for SELinux, shut down the new instance.
- Detach the volume.
- Reattach the volume as the root volume to the original broken instance.
- Start the instance back up. You should be able to connect via ssh.
- Now tell SELinux to allow ssh on the alternate port.
$ semanage port -a -t ssh_port_t -p tcp 1234
- Set SELinux’s config to enforcing mode and reboot. If you still have access after the reboot you should be good to go.
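The config edit from the mount step, as an added example that is not part of the original post. It assumes the broken volume's root filesystem is mounted at /mnt/rescue (a hypothetical mount point), that the device name in the comments is whatever your rescue instance shows, and that the config lives at the usual etc/selinux/config path under that root.

```shell
#!/bin/sh
# Added example: switch the SELinux mode of an offline root filesystem.
# Typical use on the rescue instance (device and mount point are assumptions):
#   mount /dev/xvdf1 /mnt/rescue
#   set_selinux_mode /mnt/rescue permissive
#   umount /mnt/rescue
# After the semanage step on the repaired instance, confirm the label with:
#   semanage port -l | grep ssh_port_t

# get_selinux_mode ROOT: print the active SELINUX= value under ROOT.
# Commented lines such as "# SELINUX= can take ..." are ignored.
get_selinux_mode() {
    sed -n 's/^SELINUX=//p' "$1/etc/selinux/config"
}

# set_selinux_mode ROOT MODE: rewrite only the active SELINUX= line.
# Returns 0 only if the file now reports MODE.
set_selinux_mode() {
    root=$1
    mode=$2
    cfg="$root/etc/selinux/config"

    # Refuse anything that is not a valid SELinux mode.
    case "$mode" in
        enforcing|permissive|disabled) ;;
        *) echo "invalid mode: $mode" >&2; return 2 ;;
    esac

    # Catch a wrong mount point or wrong partition before touching anything.
    [ -f "$cfg" ] || { echo "no SELinux config at $cfg" >&2; return 1; }

    # Keep a backup, then write back into the existing file with '>' rather
    # than replacing it, so its inode, ownership and label stay as they were.
    cp -p "$cfg" "$cfg.bak" || return 1
    sed "s/^SELINUX=.*/SELINUX=$mode/" "$cfg.bak" > "$cfg" || return 1

    # Fails if the file had no active SELINUX= line to rewrite.
    [ "$(get_selinux_mode "$root")" = "$mode" ]
}
```

Run it as root on the rescue instance; the same function with `enforcing` covers the final step once ssh on the new port is confirmed.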