oammon

Reputation: 189

Generated new SSH key on AWS instance and now I'm locked out (can't SSH in)

I had an SSH key on an AWS instance (let's call it key A); however, it wasn't allowing me to access my GitHub account, so I generated a new SSH key (key B). The good thing is that I was able to access GitHub, but the bad thing is that I now can't access my AWS instance through SSH.

Any idea what I can do? I've tried changing the permissions on the pem file to no avail. I'm running Ubuntu 12.04 on AWS remotely and a Windows machine locally.

Additional info: when I created key B and named it rsa_id.pub, I didn't intentionally or explicitly overwrite key A. I've tried two syntaxes, ssh (my default) and the ssh -i xxx.pem [email protected]. Neither of these syntaxes is working.

OpenSSH_6.4, OpenSSL 1.0.1e 11 Feb 2013
debug1: Reading configuration data /home/xx/.ssh/config
debug1: /home/xx/.ssh/config line 1: Applying options for awshost1
debug1: Connecting to ec2-xx-xxx-xxx-xx.us-west-2.compute.amazonaws.com [54.201.134.83] port 22.
debug1: Connection established.
debug1: identity file /home/xx/.ssh/xx.pem type -1
debug1: identity file /home/xx/.ssh/xx.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1.1
debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1.1 pat OpenSSH_5*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
debug1: Host 'ec2-xx-xxx-xxx-xx.us-west-2.compute.amazonaws.com' is known and matches the ECDSA host key.
debug1: Found key in /home/xx/.ssh/known_hosts:1
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/xx/.ssh/xx.pem
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).

Upvotes: 0

Views: 342

Answers (2)

drldcsta

Reputation: 423

There are two important pieces of information missing here:

  • Did you create a new key, or did you overwrite your existing one (on your local machine)?

  • How specifically are you attempting to ssh, that is to say, what is the exact ssh syntax?

Assuming that you generated a new key to access your GitHub account, that shouldn't affect your existing key pair to your AWS instance. You should be running something along the lines of

ssh -i /path/to/key.pem ubuntu@your-public-dns-name 

Additionally, you should make sure that your key file has the appropriate permissions.

Upvotes: 0
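
An added example, not part of the original posts: a small Python parser for `ssh -v` output like the trace in the question, which separates a client-side problem (host unreachable, key file permissions, no key offered) from the server rejecting a key the client read successfully. The function name `diagnose`, the verdict strings and the sample trace are constructed for illustration.

```python
import re

# Constructed sample: a shortened trace of the same shape as the one in the question.
SAMPLE_TRACE = """\
debug1: Connecting to host.example.invalid [192.0.2.10] port 22.
debug1: Connection established.
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/xx/.ssh/xx.pem
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
"""

# Lines where the client names the key it is about to use.
TRY_RE = re.compile(
    r"debug1: (?:Trying private key|Offering (?:\S+ )?public key): (\S+)")

def diagnose(trace):
    """Classify a failed publickey login from OpenSSH client debug1 output."""
    tried, read_ok = [], []
    connected = too_open = denied = False
    for raw in trace.splitlines():
        line = raw.strip()
        m = TRY_RE.match(line)
        if m:
            tried.append(m.group(1))
        elif line.startswith("debug1: Connection established"):
            connected = True
        elif "private key done" in line and tried:
            read_ok.append(tried[-1])      # client parsed the key file
        elif "UNPROTECTED PRIVATE KEY FILE" in line:
            too_open = True                # client refuses keys with loose modes
        elif line.startswith("Permission denied"):
            denied = True
    if not connected:
        verdict = "unreachable"
    elif too_open:
        verdict = "key_file_permissions"
    elif denied and not tried:
        verdict = "no_key_offered"
    elif denied:
        verdict = "key_rejected_by_server"
    else:
        verdict = "no_failure_seen"
    return {"verdict": verdict, "keys_tried": tried, "keys_read": read_ok}

if __name__ == "__main__":
    print(diagnose(SAMPLE_TRACE))
```

A `key_rejected_by_server` verdict means the client read the private key and the server still refused it, so the thing to check is the login user and that user's `authorized_keys` on the instance rather than the mode of the local `.pem` file.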

Eric J.

Reputation: 150108

If your instance is EBS-backed (and it should be), all is not lost. You can move the instance to a machine and set a new key in the process:

http://blog.celingest.com/en/2013/11/14/replace-lost-keypair-ec2-instance/

Upvotes: 1
