Permission denied on Amazon LightSail

Question

Login works with LightsailDefaultPrivateKey-eu-west-1.pem but not with my own key-pair.

I tried to generate the keys with 'ssh-keygen -t rsa -b 4096 -C "[email protected]" -f ~/.ssh/lsail-mikemittererat-eu-west-1.pem'

I also tried to generate a key on AWS/S2, dowloaded it, generated a public key out of the private key and uploaded it to LightSail - the same result. It doesn't work.

Error-Message: ssh -i ~/.ssh/ssh_my-website ubuntu@ Permission denied (publickey).

This is what I get if I use the -v option:

ssh -v -i ~/.ssh/lsail-mikemittererat-eu-west-1.pem ubuntu@<public ip>

OpenSSH_6.9p1, LibreSSL 2.1.8
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: /etc/ssh/ssh_config line 56: Applying options for *
debug1: Connecting to <public ip> [<public ip>] port 22.
debug1: Connection established.
debug1: identity file /Users/mikemitterer/.ssh/lsail-mikemittererat-eu-west-1.pem type 1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/mikemitterer/.ssh/lsail-mikemittererat-eu-west-1.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.9
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2p2 Ubuntu-4ubuntu2.4
debug1: match: OpenSSH_7.2p2 Ubuntu-4ubuntu2.4 pat OpenSSH* compat 0x04000000
debug1: Authenticating to <public ip>:22 as 'ubuntu'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client [email protected] <implicit> none
debug1: kex: client->server [email protected] <implicit> none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:6u6vqWOSbOSNiPYAOqa5q/epSntR7GG5dvFzKuUAJOQ
debug1: Host '<public ip>' is known and matches the ECDSA host key.
debug1: Found key in /Users/mikemitterer/.ssh/known_hosts:38
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/mikemitterer/.ssh/lsail-mikemittererat-eu-west-1.pem
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).

permission of .pem is set to 600, .ssh ist set to 700

Answer 1

I was able to get this to work as follows:

1. Generated the SSH keypair as you described above (ssh-keygen -t rsa -b 4096 -C "[email protected]" -f ~/certs/test.pem)

2. changed permissions on the private key file (chmod 600 test.pem)

3. ssh'd into the instance using the lightsail integrated console and added the public key to the ~/.ssh/authorized_keys file

4. I was able to access the instance using ssh -i ~/certs/lightsail.pem ubuntu@

Let me know if this works, or if I'm missing something.

Answer 2

I had same issue for hours, and finally solved it. Here is what I did:

Download the pem file into a folder.

Then run this:

$chmod 600 KEYFILE.pem

And this:

$ssh -i "KEYFILE.pem" bitnami@your_static_ip

As I remember, I've tried the same thing as you, but it didn't work.