
"UNPROTECTED PRIVATE KEY FILE!" Error using SSH into Amazon EC2 Instance (AWS)

This is probably a stupidly simple question to some :)

I've created a new Linux instance on Amazon EC2, and as part of that downloaded the .pem file to allow me to SSH in.

When I tried to ssh with:

ssh -i myfile.pem <public dns> 

I got:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for 'amazonec2.pem' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: amazonec2.pem
Permission denied (publickey).

Following this post I tried to chmod +600 the pem file, but now when I ssh I just get:

Permission denied (publickey). 

What school-boy error am I making here? The .pem file is in my home folder (in OS X). Its permissions look like this:

-rw-------@   1 mattroberts  staff    1696 19 Nov 11:20 amazonec2.pem 

Matt Roberts asked Nov 19 '11 11:11



2 Answers

The problem is having the wrong mode on the file.

Easily solved by executing -

chmod 400 mykey.pem

Taken from Amazon's instructions -

Your key file must not be publicly viewable for SSH to work. Use this command if needed: chmod 400 mykey.pem

400 protects it by making it read only and only for the owner.

Kof answered Sep 28 '22 03:09


You are likely using the wrong username to log in, because:

  • Most Ubuntu images have a user ubuntu
  • Amazon's AMI is ec2-user
  • Most Debian images have either root or admin

To log in, you need to adjust your ssh command:

ssh -l USERNAME_HERE -i .ssh/yourkey.pem public-ec2-host 

Till answered Sep 28 '22 02:09
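
An added example, not part of the original question or answers: a small shell check that applies the same test ssh makes on a private key's mode (any group or other permission bit causes the key to be ignored). It shows that both 600 and 400 pass, so a "Permission denied (publickey)" that remains after the chmod has a different cause, such as the username. The function names and the temporary file are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: mirrors OpenSSH's private-key permission test, which ignores
# a key owned by the current user when any group/other bit is set (mode & 077).

# Print the octal permission bits of a file (GNU stat first, then BSD/macOS stat).
key_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null
}

# Return 0 if the mode is acceptable to ssh, 1 if the key would be ignored,
# 2 if the file cannot be examined.
key_mode_ok() {
    mode=$(key_mode "$1") || return 2
    # The leading 0 makes the shell read the digits as octal.
    [ $(( 0$mode & 077 )) -eq 0 ]
}

# Report the result and suggest the fix given in the answer above.
check_key() {
    if key_mode_ok "$1"; then
        echo "$1: mode $(key_mode "$1") is acceptable to ssh"
    else
        echo "$1: mode $(key_mode "$1") is too open; run: chmod 400 $1"
        return 1
    fi
}

# Demo on a constructed temporary file standing in for a downloaded .pem.
demo=$(mktemp)
for m in 644 600 400; do
    chmod "$m" "$demo"
    check_key "$demo" || true
done
rm -f "$demo"
```
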