使用SSH（在代理之后）拒绝连接到EC2实例

Question

我正在尝试使用代理后面的网络连接来连接到EC2实例。我用开瓶器通过代理连接。我已经从AWS下载了身份文件xyz.pem，并且试图从bash终端连接到该距离：

> chmod 600 xyz.pem
> ssh -vvv -i "/etc/ssh/xyz.pem" ubuntu@<PublicDNS from AWS>

但是我在执行它时收到以下错误：

OpenSSH_7.6p1 Ubuntu-4, OpenSSL 1.0.2n  7 Dec 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Executing proxy command: exec corkscrew 10.10.78.61 3128 ec2-3-18-0-344.us-west-2.compute.amazonaws.com 22 ~/.corkscrew-auth
debug1: permanently_drop_suid: 1000
debug1: key_load_public: No such file or directory
debug1: identity file /etc/ssh/xyz.pem type -1
debug1: key_load_public: No such file or directory
debug1: identity file /etc/ssh/xyz.pem-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4
Proxy could not open connection to ec2-3-18-0-344.us-west-2.compute.amazonaws.com:  Forbidden
ssh_exchange_identification: Connection closed by remote host

除了上述解决方案之外，我还尝试了其他一些解决方案：

> export HTTP_PROXY="http://<user>:<password>@<proxy server>:<port>" 

使用上述命令，我尝试执行pip install命令以查看安装程序是否正常工作。但是，现在执行ssh命令时，出现以下错误：

OpenSSH_7.6p1 Ubuntu-4, OpenSSL 1.0.2n  7 Dec 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "ec2-3-18-0-344.us-west-2.compute.amazonaws.com" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to ec2-3-18-0-344.us-west-2.compute.amazonaws.com [4.10.29.994] port 22.
debug1: connect to address 4.10.29.994 port 22: Connection refused
ssh: connect to host ec2-3-18-0-344.us-west-2.compute.amazonaws.com port 22: Connection refused

在实例的安全组设置中，端口范围为22，如下图所示：