CODEWITHSUNDEEP
amazon-web-servicesnetwork-programmingsshamazon-ec2openssh
SamPutnam
SamPutnam

Reputation: 1179

AWS EC2 Permission Denied (public key)

This answer is specifically designed for this type of question, but it has not yet been as clear to me as to its hundreds of upvoters.

I put my key in Downloads. It's found, but it seems like it's not considered a a public key when I use user ubunto. The output is at the bottom of this post. I changed permissions using sudo chmod 600 ~/downloads/mykey.pem but had the same result. I changed permissions using sudo chmod 700 ~/downloads/mykey.pem and had the same result too. From this answer, I tried sudo chown -R me ~/downloads/mykey.pem, then sudo chgrp -R 501 ~/downloads/mykey.pem where uid=501(me).

I have tried ec-2 and root as users without success.

with root as ec-2

debug1: Authentications that can continue: publickey debug1: No more authentication methods to try. Permission denied (publickey).

with root as user

skipping output lines

debug1: Trying private key: /Users/me/downloads/mykey.pem debug1: Authentication succeeded (publickey).

The authentication succeeds, but the connection closes.

skipping output lines

debug1: channel 0: free: port listener, nchannels 2 debug1: channel 1: free: port listener, nchannels 1 Connection to ec2-[myPublicIP].compute-1.amazonaws.com closed. Transferred: sent 3264, received 2456 bytes, in 10.3 seconds Bytes per second: sent 316.6, received 238.2 debug1: Exit status 0

Here is the output using user ubunto that the title of this question refers to:

ssh -v -i ~/downloads/mykey.pem -L 60051:localhost:60051 ubunto@ec2-[mypublicIP].compute-1.amazonaws.com OpenSSH_6.9p1, LibreSSL 2.1.8 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 21: Applying options for * debug1: Connecting to ec2[mypublicIP].compute-1.amazonaws.com [[mypublicIP]] port 22. debug1: Connection established. debug1: key_load_public: No such file or directory debug1: identity file /Users/me/downloads/mykey.pem type -1 debug1: key_load_public: No such file or directory debug1: identity file /Users/me/downloads/mykey.pem-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.9 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.4 debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.4 pat OpenSSH_6.6.1* compat 0x04000000 debug1: Authenticating to ec2-[mypublicIP].compute-1.amazonaws.com:22 as 'ubunto' debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client [email protected] <implicit> none debug1: kex: client->server [email protected] <implicit> none debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ecdsa-sha2-nistp256 SHA256:85gcFh6LySYszjod4WIx5wu7BUvKwL4M6EAcZkv0zGw debug1: Host 'ec2[mypublicIP].compute-1.amazonaws.com' is known and matches the ECDSA host key. debug1: Found key in /Users/me/.ssh/known_hosts:11 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Trying private key: /Users/me/downloads/mykey.pem debug1: Authentications that can continue: publickey debug1: No more authentication methods to try. Permission denied (publickey).

Upvotes: 0

Views: 397

Answers (1)

Peter Svehla
Peter Svehla

Reputation: 54

What AMI are you using?

The default user in a stock Ubuntu AMI is ubuntu, not ubunto.

Unless you've created a special AMI that sets up an ubunto user, the user won't exist on the AMI, and hence fail to authenticate.

Upvotes: 1

Related Questions