Why can't I SSH to a newly create AWS EC2 instance?

Question

I've carefully followed the instructions here and here, but still cannot connect to my new EC2 instance via SSH.

Yes, I have made sure that I allow inbound connections on port 22 from anywhere. I have also enabled icmp from all over the universe for debugging purposes. You can see these settings in this screenshot:

So why can't I ssh to this machine via SSH?

$ ssh -vvv -i myKeyPair.pem ubuntu@ec2-X-X-X-X.us-west-2.compute.amazonaws.com
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to ec2-X-X-X-X.us-west-2.compute.amazonaws.com http://X.X.X.X port 22.
debug1: connect to address X-X-X-X port 22: Operation timed out
ssh: connect to host ec2-X-X-X-X.us-west-2.compute.amazonaws.com port 22: Operation timed out

I can however ping it:

$ ping ec2-X-X-X-X.us-west-2.compute.amazonaws.com
PING ec2-X-X-X-X.us-west-2.compute.amazonaws.com (X.X.X.X): 56 data bytes
64 bytes from X.X.X.X: icmp_seq=0 ttl=42 time=91.994 ms
64 bytes from X.X.X.X: icmp_seq=1 ttl=42 time=91.922 ms

Is it because the SSH Daemon is not running on the box? How can I start that daemon if I can't even get on the box?

Answer 1

Can you telnet from your machine to this instance on port 22 and see that it's listening?

How about if you connect an Elastic IP and see if that helps anything?

If this instance was spun up in a VPC are your Security Groups and ACLs allowing outbound traffic on high ports to all addresses (0.0.0.0/0) or at least your address?