AWS Lightsail web-based SSH connection problem fix

Linux May 1, 2021

After setting up an AWS Lightsail instance, the first thing we all need to do is harden SSH security by adding firewall rules to the web firewall gateway and by using a local firewall such as ufw or iptables on the VPS. There are two major things you should know.

Because a Lightsail instance can be accessed by direct SSH connection, you need to open port 22 on both the web portal gateway and the instance firewall. Customizing the SSH port while still using the web-based SSH connection portal is not possible right now: you can only use port 22 to access them both, which is obviously not secure. If you change SSH to any other port you want, you will lose the web-based SSH connection portal on the Lightsail management website. I encourage changing it for security reasons.

Even if you didn't change the SSH port, sometimes after you upgrade your instance using apt update or apt upgrade, or fully upgrade your operating system to a newer version, you may notice that the SSH configuration file has been modified and that you have lost access to the instance through the Lightsail web-based SSH connection portal. We can fix this by adding the following lines to the end of the /etc/ssh/sshd_config file:

TrustedUserCAKeys /etc/ssh/lightsail_instance_ca.pub
CASignatureAlgorithms +ssh-rsa

Then save the file and restart your sshd service. Most of the time you will regain access through the web-based SSH portal. Hope this solves your problem.
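The same edit can be scripted so that it is safe to re-run after every upgrade. This is an added example, not code from the original post: the function names are hypothetical, the sample config is constructed, and it assumes plain "Keyword value" lines in the file.

```bash
#!/usr/bin/env bash
# Added example. Assumes plain "Keyword value" lines in the config file.

# first_value FILE KEYWORD: print the first uncommented value of KEYWORD, if any.
first_value() {
  awk -v k="$2" 'tolower($1) == tolower(k) { print $2; exit }' "$1"
}

# ensure_lightsail_ca FILE: append whichever of the two directives is missing.
# Prints the number of lines added; returns 2 without touching FILE if it has a
# Match block, because lines appended after "Match" apply only inside that block.
ensure_lightsail_ca() {
  local cfg=$1 key val cur added=0
  if grep -Eiq '^[[:space:]]*Match[[:space:]]' "$cfg"; then
    echo "refusing: $cfg contains a Match block, add the lines above it by hand" >&2
    return 2
  fi
  [ -e "$cfg.bak" ] || cp -p "$cfg" "$cfg.bak" || return 1  # keep one rollback copy
  [ -z "$(tail -c1 "$cfg")" ] || echo >> "$cfg"             # file must end in a newline
  while read -r key val; do
    cur=$(first_value "$cfg" "$key")
    if [ -z "$cur" ]; then
      printf '%s %s\n' "$key" "$val" >> "$cfg"
      added=$((added + 1))
    elif [ "$cur" != "$val" ]; then       # sshd uses the first value it reads
      echo "note: $key is already '$cur', an appended line would be ignored" >&2
    fi
  done <<'EOF'
TrustedUserCAKeys /etc/ssh/lightsail_instance_ca.pub
CASignatureAlgorithms +ssh-rsa
EOF
  echo "$added"
}

# make_sample_config: write a constructed post-upgrade config and print its path.
make_sample_config() {
  local f
  f=$(mktemp) || return 1
  printf '%s\n' 'Port 22' 'PasswordAuthentication no' \
    '#TrustedUserCAKeys /etc/ssh/old_ca.pub' > "$f"
  echo "$f"
}

# On the instance, as root: ensure_lightsail_ca /etc/ssh/sshd_config && sshd -t
# Restart the SSH service only if "sshd -t" reports no errors.
```

Keep an existing SSH session open while restarting, so a bad config can still be rolled back from the .bak copy.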
