0

I have an ec2 instance which I can connect using this command with the ssh_key.pem file I have.

ssh -i ssh_key.pem ec2-user@54.174.85.61

I am trying to use ssh-copy-id to add the public key I have on my local machine to remote ec2 instance.

ssh-copy-id -i .ssh/id_ed25519.pub ec2-user@54.174.85.61

output:

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: ".ssh/id_ed25519.pub" /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys ec2-user@54.174.85.61: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

But, it is not working, I guess because I didn't provide any parameter of my private key to connect.

But, I am not able to see any such parameters in the help -h also.

Please suggest how to do so.

ssh-copy-id is not working as mentioned but I found one alternative.

I can connect to the remote machine using the pem file 3.pem

ssh -i 3.pem ec2-user@54.174.85.61

So, I tried below scp command.

scp -q -i 3.pem .ssh/id_ed25519.pub ec2-user@54.174.85.61:~/.ssh/authorized_keys

Now, this worked and I am able to login with my key generated.

ssh -i .ssh/id_ed25519 ec2-user@54.174.85.61

But, it replaces access to 3.pem, earlier key. Because it replaces all the content in the authorized_keys file as I am just copying the file and it replacing the old file.

How to make sure, only append happens.

uday kiran reddy
  • 1
  • 2

2 Answers2

0

Assuming you are using publickey validation already (which from what I read you do) I would double check permission for both folders and files related to ssh public key that is ~/.ssh this should be 0700 ~/.ssh/authorized_keys this should be 0600

Va_ni_tas
  • 26
  • 2
  • but the scenario here, I have a linux machine locally where it has different public and pvt ssh keys. There is one more remote machine(ec2) which I connect with differetn pvt key. When I am trying to use ssh-copy-id, there is no option I saw to pass this different pvt key as parameter. I saw some -o parameter, but documentaion not good for that. So without that option, it is trying to use the main pvt key default one and getting this permission denied error. Can you suggest how to do in this case – uday kiran reddy Jun 07 '22 at 07:21
  • [This is how you can add multiply keys for one user account on server you try to connect](https://serverfault.com/questions/221760/multiple-public-keys-for-one-user) – Va_ni_tas Jun 07 '22 at 07:25
  • No, he is adding entries manually on the remote machine, which I am trying to achieve from ssh-copy-id – uday Jun 07 '22 at 08:33
  • I tried scp instead of ssh_copy_id, can see the content added above and comment on that – uday kiran reddy Jun 07 '22 at 11:07
  • if you added public key in correct format you should be able to use private key on that server – Va_ni_tas Jun 07 '22 at 11:56
0

Got solution, at this link: https://superuser.com/questions/1264012/how-to-ssh-copy-id-2nd-key-when-the-server-only-allows-publickey-authentication

ssh-copy-id -f -i ~/.ssh/dev_pub_key.pub -o StrictHostKeyChecking=no -o "IdentityFile ~/ssh_key.pem" $user@$server_name

Thank you all for helping on this

uday kiran reddy
  • 1
  • 2