I generated the key-pair by EC2-Console, and then store it in ~/.ssh/iForests_ABetADay.pem.
After that, chmod 400 iForests_ABetADay.pem, and ssh -i iForests_ABetADay.pem ubuntu#46.51.244.48 -v.
I did login yesterday, but now the error message I got is:
(Google a lot, but still can not find out a way to solve it...)
OpenSSH_5.6p1, OpenSSL 0.9.8r 8 Feb 2011
debug1: Reading configuration data /etc/ssh_config
debug1: Applying options for *
debug1: Connecting to 46.51.244.48 [46.51.244.48] port 22.
debug1: Connection established.
debug1: identity file iForests_ABetADay.pem type -1
debug1: identity file iForests_ABetADay.pem-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8p1 Debian-1ubuntu3
debug1: match: OpenSSH_5.8p1 Debian-1ubuntu3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.6
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '46.51.244.48' is known and matches the RSA host key.
debug1: Found key in /Users/iforests/.ssh/known_hosts:17
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: iForests_ABetADay.pem
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
The output clearly shows that it's trying wrong key. I suggest that you check
~/.ssh/config
/etc/ssh/ssh_config
/etc/ssh_config
to see if something forces your client to use iForests_ABetADay.pem. According to log it must be /etc/ssh_config.
Related
I uploaded my public key and tried to ssh to one of my site nodes. But each time I am getting permission denied. Log information is attached.
OpenSSH_6.1p1 Debian-4, OpenSSL 1.0.1c 10 May 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to planetlab2.utdallas.edu [129.110.125.52] port 22.
debug1: Connection established.
debug1: identity file /home/nazim/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/nazim/.ssh/id_rsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.7
debug1: match: OpenSSH_4.7 pat OpenSSH_4*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.1p1 Debian-4
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT recenter code hereeived
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 25:a2:cc:c4:e7:e6:ea:ba:96:6d:a9:06:c9:58:41:c7
debug1: Host 'planetlab2.utdallas.edu' is known and matches the RSA host key.
debug1: Found key in /home/nazim/.ssh/known_hosts:6
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/nazim/.ssh/id_rsa
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: No more authentication methods to try.
Permission denied (publickey,keyboard-interactive).
Please help me if you know what is going wrong.
Thanks,
Nazim
Try checking permissions on the destination machine. This is the biggest source of confusion. The requirements depend on /etc/ssh/sshd_conf, but by try:
/home/nazim must *not* be world executable (this actually bit me once!).
/home/nazim/.ssh must be chmod 700.
I am getting permission denied (public key) while doing a ssh to amazon machine. Here is the verbose output
OpenSSH_5.8p1 Debian-7ubuntu1,
OpenSSL 1.0.0e 6 Sep 2011
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 46.137.248.46 [46.137.248.46] port 22.
debug1: Connection established.
debug1: identity file Desktop/tws/new_key.pem type -1
debug1: identity file Desktop/tws/new_key.pem-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.8p1 Debian-7ubuntu1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 20:0f:a7:ea:b6:70:4f:ca:d0:d4:1c:31:2d:b2:08:71
debug1: Host '46.137.248.46' is known and matches the RSA host key.
debug1: Found key in /home/cs1090174/.ssh/known_hosts:43
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: cs1090174#aurora
debug1: Authentications that can continue: publickey
debug1: Trying private key: Desktop/tws/new_key.pem
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
What can be the possible error? Thanks in advance for replying.
Thanks, I got the fix. The username is not supposed to be Ubuntu but ec2-user .
So I spun my instance up from the web, downloaded a keypair installed it and everything worked great for about a day. Then I rebooted my computer, and I'm not able to SSH into it anymore. I tried redownloading a keypair and reinstalling it but I keep getting the Permission denied (publickey) error.
This is the verbose output (I've tried using the -i /path/to/keypair option as well with no luck):
debug1: Reading configuration data /etc/ssh_config
debug1: Applying options for *
debug1: Connecting to ec2-184-73-218-40.compute-1.amazonaws.com [184.73.218.40] port 22.
debug1: Connection established.
debug1: identity file /Users/tigger/.ec2/domainpolish type 1
debug1: identity file /Users/tigger/.ec2/domainpolish-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3p1 Debian-3ubuntu7
debug1: match: OpenSSH_5.3p1 Debian-3ubuntu7 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.6
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'ec2-184-73-218-40.compute-1.amazonaws.com' is known and matches the RSA host key.
debug1: Found key in /Users/tigger/.ssh/known_hosts:11
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/tigger/.ec2/domainpolish
debug1: Authentications that can continue: publickey
debug1: Offering RSA public key: domainpolish
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
I've also tried rebooting the instance. Anyone have anything else I can try? Thanks so much!
Solved. I had deleted my AWS keypair from my computer. Don't do this. It will lock you out of your instance forever.
Hello I am getting permission denied on the ec2 free tier when trying to ssh into my newly created ec2 instance, I have search the forums and tried the solutions provided to no avail. I would be extremely grateful for any help. Here is what I have Done
First Edited ~/.bashrc with the following
export EC2_PRIVATE_KEY=$HOME/ec2/pk-4JGFV4LMAHPSI2RLN46Z2U5DSQ7F3IUO.pem
export EC2_CERT=$HOME/ec2/cert-4JGFV4LMAHPSI2RLN46Z2U5DSQ7F3IUO.pem
export JAVA_HOME=/usr/lib/jvm/java-6-openjdk/
Then
source ~/.bashrc
ec2-add-keypair ec2-keypair > ~/ec2/smitchell.pem
Then I created the instance via the web gui and I then try to ssh in via
ssh -v -i /home/smitchell/ec2/smitchell.pem root#ec2-50-17-66-200.compute-1.amazonaws.com
The command results in the following
OpenSSH_5.3p1 Debian-3ubuntu6, OpenSSL 0.9.8k 25 Mar 2009
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to ec2-50-17-66-200.compute-1.amazonaws.com [50.17.66.200] port 22.
debug1: Connection established.
debug1: identity file /home/smitchell/ec2/smitchell.pem type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3p1 Debian-3ubuntu3
debug1: match: OpenSSH_5.3p1 Debian-3ubuntu3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu6
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'ec2-50-17-66-200.compute-1.amazonaws.com' is known and matches the RSA host key.
debug1: Found key in /home/smitchell/.ssh/known_hosts:3
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: smitchell.pem
debug1: Authentications that can continue: publickey
debug1: Trying private key: /home/smitchell/ec2/smitchell.pem
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
Once again thank you for any help you can provide
I manged to login correctly by deleting the instance and my keypair via the web config and regenerating them, once I did that I was able to login. Thanks for the help everyone
I am trying to config my github account. However, I keep getting this error and for the life me cannot figure why. I have added my ssh key to github and I am sure that the ssh key is in the directory ~/.ssh/id_rsa. I don't know what else to do..
skline-mac:first_app skline$ sudo ssh -v git#github.com
OpenSSH_5.2p1, OpenSSL 0.9.8l 5 Nov 2009
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to github.com [207.97.227.239] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /var/root/.ssh/identity type -1
debug1: identity file /var/root/.ssh/id_rsa type 1
debug1: identity file /var/root/.ssh/id_dsa type 2
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1p1 Debian-5github2
debug1: match: OpenSSH_5.1p1 Debian-5github2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'github.com' is known and matches the RSA host key.
debug1: Found key in /var/root/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /var/root/.ssh/identity
debug1: Offering public key: /var/root/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Offering public key: /var/root/.ssh/id_dsa
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
skline-mac:first_app skline$
drop the sudo from your command. It's trying to load root's keys, not yours.