Prerequisites for the EC2 Serial Console
To connect to the EC2 Serial Console and use your chosen tool for troubleshooting, the following prerequisites must be in place:
AWS Regions
Supported in all AWS Regions.
Wavelength Zones and AWS Outposts
Not supported.
Local Zones
Supported in all Local Zones.
Instance types
Supported instance types:
-
Linux
-
All virtualized instances built on the Nitro System.
-
All bare metal instances except:
-
General purpose:
a1.metal
,mac1.metal
,mac2.metal
-
Accelerated computing:
g5g.metal
-
Memory optimized:
u-6tb1.metal
,u-9tb1.metal
,u-12tb1.metal
,u-18tb1.metal
,u-24tb1.metal
-
-
-
Windows
All virtualized instances built on the Nitro System. Not supported on bare metal instances.
Grant access
You must complete the configuration tasks to grant access to the EC2 Serial Console. For more information, see Configure access to the EC2 Serial Console.
Support for browser-based client
To connect to the serial console using the browser-based client, your browser must support WebSocket. If your browser does not support WebSocket, connect to the serial console using your own key and an SSH client.
Instance state
Must be running
.
You can't connect to the serial console if the instance is in the pending
,
stopping
, stopped
, shutting-down
, or
terminated
state.
For more information about the instance states, see Amazon EC2 instance state changes.
Amazon EC2 Systems Manager
If the instance uses Amazon EC2 Systems Manager, then SSM Agent version 3.0.854.0 or later must be installed on the instance. For information about SSM Agent, see Working with SSM Agent in the AWS Systems Manager User Guide.
Configure your chosen troubleshooting tool
To troubleshoot your instance via the serial console, you can use GRUB or SysRq on Linux instances, and Special Admin Console (SAC) on Windows instances. Before you can use these tools, you must first perform configuration steps on every instance on which you'll use them.
Use the instructions for your instance's operating system to configure your chosen troubleshooting tool.
To configure GRUB, choose one of the following procedures based on the AMI that was used to launch the instance.
To configure SysRq, you enable the SysRq commands for the current boot cycle. To make the configuration persistent, you can also enable the SysRq commands for subsequent boots.
To enable all SysRq commands for the current boot cycle
-
Connect to your instance.
-
Run the following command.
[ec2-user ~]$
sudo sysctl -w kernel.sysrq=1
Note
This setting will clear on the next reboot.
To enable all SysRq commands for subsequent boots
-
Create the file
/etc/sysctl.d/99-sysrq.conf
and open it in your favorite editor.[ec2-user ~]$
sudo vi /etc/sysctl.d/99-sysrq.conf
-
Add the following line.
kernel.sysrq=1
-
Reboot the instance to apply the changes.
[ec2-user ~]$
sudo reboot
-
At the
login
prompt, enter the username of the password-based user that you set up previously, and then press Enter. -
At the
Password
prompt, enter the password, and then press Enter.
Note
If you enable SAC on an instance, the EC2 services that rely on password retrieval will not work from the Amazon EC2 console. Windows on Amazon EC2 launch agents (EC2Config, EC2Launch v1, and EC2Launch v2) rely on the serial console to execute various tasks. These tasks do not perform successfully when you enable SAC on an instance. For more information about Windows on Amazon EC2 launch agents, see Configure your Amazon EC2 Windows instance. If you enable SAC, you can disable it later. For more information, see Disable SAC and the boot menu.
Use one of the following methods to enable SAC and the boot menu on an instance.