I'm following the github instructions on how to set up ssh key and add it to the ssh agent. However after I input ssh-add -K ~/.ssh/id_rsa into the terminal, I receive this error: /Users/newuser/.ssh/id_rsa: No such file or directory
I set up my ssh key using Enter file in which to save the key (/Users/newuser/.ssh/id_rsa) so I believe its the correct name.
Any help would be appreciated!
I have been following the same instructions and meet the same problem. This is what worked for me:
cd ~/.ssh
ssh-add id_rsa
Enter file in which to save the key (/c/Users/YOURNAME/.ssh/id_rsa): id_rsa
Use the key in id_rsa.pub to add SSH Key
$ ssh -vT git#github.com
Screen will display:
You've successfully authenticated, but GitHub does not provide shell access.
I use the following command and i got the code from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AccessingInstancesLinux.html
ssh -i my-key-pair.pem ec2-user#ec2-198-51-100-1.compute-1.amazonaws.com
I'm not sure if it's because I lost the .pem file and recreated it or what is going on here, but no matter if I use the user ubuntu, root, or ec2-user the terminal asks me for a password.
Your local private key must be shrouded as it should be. It can be disabled with key management tools if you really want, but not advised.
Double-check the file permissions on your key file. Do:
chmod 400 my-key-pair.pem
and try again.
It is also likely that the key file is just the wrong one.
You have to terminate the instance and copy it with a new ssh key. If a key is lost then access to the server is also lost.
Here's the situation:
I generated and downloaded an ssh key as a .pem file using the EC2 console
I gave this key to my colleague with a PC and he has been able to log to the server with it just fine using PuTTY.
I have been trying for hours to figure out where to put the .pem file such that I can call
ssh -v [SERVER IP ADDRESS] -l [USERNAME]
I know that the IP address and the username are accurate because that's what my colleague is using. Where do I put the .pem file, and what permissions do I set? It seems that every tutorial on this stuff assumes you generated the key using ssh-keygen, which apparently handles all this for you, and the directions on EC2 don't tell you what to do beyond downloading the key.
My current setup is this:
I copied the text inside the .pem file and put it in ~/.ssh/id_rsa
I set the permissions to chmod 600 id_rsa
I'm geting a massive error that ends with the line "Permission denied (publickey)"
Thanks for your time.
Just use ssh -i keyfile.pem user#host.com. This will use the identity file (.pem that EC2 gave you)
my machine setup is as follows:
windows 7, Git for windows,Git Bash, openSSH 1.6 installed via cygwin.
I followed the instructions on https://help.github.com/articles/generating-ssh-keys
But I still have to login in everytime I push something.
I guess my setup is messed up... any help is very much appreciated.
To be able to use key-based authentication (instead of HTTP basic-auth), you have to use the SSH-Protocol. On Github, the URLs look like this:
git#github.com:username/repository.git
Once you use key authentication, you can use the common SSH tools to manage the connections. One of these tools is the SSH agent which will decrypt your private key once after loading and keep it in main memory while it is running. This allows new SSH sessions to use this key without having to bother you with a password-question.
You can add a private key to the current SSH agent session by running
ssh-add /path/to/key
If you want to remove the passphrase and it annoys you then enter:
ssh-keygen -p
enter the old passphrase and when asks for the new one, just leave it empty.
I now got it working kinda...
At first I uninstalled the ssh package from cygwin since git for windows ships with ssh.
like Holger said I had to add the key to the ssh-agent but from the git bash I was not able to add it. It worked like this:
eval 'ssh-agen.exe'
ssh-add ~/.ssh/id_rsa
After this I was able to push without entering a passphrase.
The only problem got left is that I have to add the key after every system reboot...
ANy ideas how to fix this?
These instructions are for Windows 7 and above.
Create a filename named .bashrc in your home directory (so full file path is C:\Users\XYZ\.bashrc where XYZ is your windows user name
In the file add these two lines. Note: change location of private key file if not at ~/.ssh/id_rsa
eval `ssh-agent`
ssh-add ~/.ssh/id_rsa
Open Git Bash application and you should be prompted with asking for your key's password
I am new to EC2. I created my security credentials from this site:
http://paulstamatiou.com/how-to-getting-started-with-amazon-ec2
It worked great, I rebooted and now when I try to connect I get a login/password prompt. (Which I never set up.) After several attempts I get this error:
Permission denied (publickey,gssapi-with-mic).
What am I doing wrong?
Two possibilities I can think of, although they are both mentioned in the link you referenced:
You're not specifying the correct SSH keypair file or user name in the ssh command you're using to log into the server:
ssh -i [full path to keypair file] root#[EC2 instance hostname or IP address]
You don't have the correct permissions on the keypair file; you should use
chmod 600 [keypair file]
to ensure that only you can read or write the file.
Try using the -v option with ssh to get more info on where exactly it's failing, and post back here if you''d like more help.
[Update]: OK, so this is what you should have seen if everything was set up properly:
debug1: Authentications that can continue: publickey,gssapi-with-mic
debug1: Next authentication method: publickey
debug1: Trying private key: ec2-keypair
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
Are you running the ssh command from the directory containing the ec2-keypair file ? If so, try specifying -i ./ec2-keypair just to eliminate path problems. Also check "ls -l [full path to ec2-keypair]" file and make sure the permissions are 600 (displayed as rw-------). If none of that works, I'd suspect the contents of the keypair file, so try recreating it using the steps in your link.
The key for me to be able to connect was to use the "ec2-user" user rather than root. I.e.:
ssh -i [full path to keypair file] ec2-user#[EC2 instance hostname or IP address]
+1
I noticed that for some AMIs like Amazon Linux, ec2-user#xxx.XX.XX.XXX would work. But for an ubuntu image, I had to use ubuntu# instead. It was never a problem with the .pem, just with the user name.
In my case it's because the permission for my home directory is 775, and SSH is not happy about it. It should work after executing:
server$ chmod go-w ~/
server$ chmod 700 ~/.ssh
server$ chmod 600 ~/.ssh/authorized_keys
I had very similar experience this afternoon. I was setting up django on EC2, and suddenly I cannot SSH into the box anymore. Glad I still had an active connection, so I modified /etc/ssh/sshd_config to set:
PasswordAuthentication yes
and set password for ec2-user, then I can login by entering the password.
However, after some googling I found this thread: http://ubuntuforums.org/showthread.php?t=577279. It turned out that during my setup of django I changed the permission for my home directory, and SSH is very strict about this. So the file permission must be set correctly.
I had met this problem too.And I found that happend beacuse I forgot to add the user-name before the host name:
like this:
ssh -i test.pem ec2-32-122-42-91.us-west-2.compute.amazonaws.com
and I add the user name:
ssh -i test.pem ec2-user#ec2-32-122-42-91.us-west-2.compute.amazonaws.com
it works!
Tagging on to mecca831's answer:
ssh -v -i generated-key.pem ec2-user#11.11.11.11
[ec2-user#ip-11.11.11.11 ~]$ sudo passwd ec2-user
newpassword
newpassword
[ec2-user#ip-11.11.11.11 ~]$ sudo vi /etc/ssh/sshd_config
Modify the file as follows:
# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
#PermitEmptyPasswords no
# EC2 uses keys for remote access
#PasswordAuthentication no
Save
[ec2-user#ip-11.11.11.11 ~]$ sudo service sshd stop
[ec2-user#ip-11.11.11.11 ~]$ sudo service sshd start
you should be able to exit and ssh in as follows:
ssh ec2-user#11.11.11.11
and be prompted for password no longer needing the key.
Are you sure you have used the right instance? I ran into this problem and realized that something like 4 of the ubuntu instances i tried did not have SSH servers installed on them.
For a list of good servers see "Getting the images" about half way down. Sounds like you may be using something else... the default username is ubuntu on these images.
https://help.ubuntu.com/community/EC2StartersGuide
I was able to login using ec2-user
ssh -i [full path to keypair file] ec2-user#[EC2 instance hostname or IP address]
After about a half hour of searching and trying to debug this I was able to figure it out. My situation involved me using the same pem file for two different ec2 instance and it working for one and not the other.
My first instance it worked on was the standard aws linux ami amzn-ami-hvm-2014.03.2.x86_64-ebs. I simply used
ssh -i mypemfile.pem ec2-user#myec2ipaddress
and it worked.
I then launched a fedora instance Fedora-x86_64-19-20140407-sda and tried the same command but kept getting:
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
After changing my username from ec2-user to fedora it worked!
ssh -i mypemfile.pem fedora#myec2address
None of the above helped me, but futzing with the user seemed like it had promise. For my config using 'ubuntu' was right.....
ssh -i [full path to keypair file] ubuntu#[EC2 instance hostname or IP address]
I recommend against setting a password as some other answers suggest. Using the key file is both safer (no one can guess your passwords) and more convenient (once you set up a config file). Here's a basic ~/.ssh/config:
Host my-ec2-server
HostName 11.11.11.11
User ec2-user
IdentityFile /path/to/generated-key.pem
Now you can just type ssh my-ec2-server and you're in! And as also mentioned in other answers, use -v to get extra info when your connection isn't working.
If the issue is consistent and happened about 10-15 times in a row even after changing file permissions to 400 or 600, then it is most certainly something is wrong on the ec2 instance, so to make sure:
Check the logs when you try to ssh to the instance by adding -v at the end and see either it gives out anything specific.
Make sure you use the correct name for ssh, like Ubuntu. Perhaps that depends on Linux distribution and users you added and either you've given permission for "root user" ssh.
Then if nothing helps, follow the documentation here https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesConnecting.html#TroubleshootingInstancesConnectingMindTerm
to fix that. It helped in my case, and it happened because of messed up directories/files permissions.
If you have a PPK file working on a PC, then export it as OpenSSH file using puttygen.exe for PC and use that on Mac (any Unix machine).
I was getting the same error --
debug1: Authentications that can continue: publickey,gssapi-with-mic
debug1: Next authentication method: publickey
debug1: Trying private key: ec2-keypair
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey,gssapi-with-mic
debug1: No more authentication methods to try.
Permission denied (publickey,gssapi-with-mic)
As I was using a PPK file on Windows, I followed the steps as described above and Bingo!
$ ssh -i ec2-openssh-key root#ec2-instance-ip
I had the same problem using the AWS Toolkit for Eclipse. I created the Getting Started instance OK and opened a shell. However, the user was set to ec2-user. I used the Open Shell As... command and set the user to root. Then it worked.
Had a similar issue. Here are the steps used to setup SSH keys and forwarding on the Mac. Made these notes for myself - may help someone... check against your config.
The assumption here is there are no keys setup. If you already have the keys setup skip this section.
$ ssh‐keygen ‐t rsa ‐b 4096
Generating public/private rsa key pair.
Enter a file in which to save the key (/Users/you/.ssh/id_rsa): [Press enter]
Enter passphrase (empty for no passphrase): [Type a passphrase]
Enter same passphrase again: [Type passphrase again]
Modify ~/.ssh/config adding the entry for the key file:
~/.ssh/config should look similar to:
Host *
AddKeysToAgent yes
UseKeychain yes
IdentityFile ~/.ssh/id_rsa
Store the private key in the keychain:
$ ssh‐add ‐K ~/.ssh/id_rsa
Go test it now with: ssh -A username#yourhostname
Should forward your key to yourhostname. Assuming your keys are added on you should connect without issue.
I was getting this error when I was trying to ssh into an ec2 instance on the private subnet from the bastion, to fix this issue, you've to run (ssh-add -K) as follow.
Step 1: run "chmod 400 myEC2Key.pem"
Step 2: run "ssh-add -K ./myEC2Key.pem" on your local machine
Step 3: ssh -i myEC2Key.pem root#ec2-107-20-4-100.compute-1.amazonaws.com
Step 4: Now try to ssh to EC2 instance that is on a private subnet without specifying the key, for example, try ssh ec2-user#ipaddress.
Hope this will help.
Note: This solution is for Mac.