2
I am trying to connect via ssh to my RHEL EC2 Instance, from a Linux Mint computer, and when I run this command:
ssh ec2-user@SERVER_IP_ADDRESS
I get this error:
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
To get more information, I added the -v flag, and got this output:
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /home/user1/.ssh/config
debug1: /home/user1/.ssh/config line 1: Applying options for SERVER_IP_ADDRESS
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to SERVER_IP_ADDRESS [SERVER_IP_ADDRESS] port 22.
debug1: Connection established.
debug1: identity file /home/user1/Desktop/MyKeyPair.pem type -1
debug1: identity file /home/user1/Desktop/MyKeyPair.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.4
debug1: match: OpenSSH_6.4 pat OpenSSH* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5-etm@openssh.com none
debug1: kex: client->server aes128-ctr hmac-md5-etm@openssh.com none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA 7d:1a:81:3e:c8:df:be:e8:f2:7c:3f:46:24:cc:9d:95
debug1: Host 'SERVER_IP_ADDRESS' is known and matches the ECDSA host key.
debug1: Found key in /home/user1/.ssh/known_hosts:2
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug1: Next authentication method: publickey
debug1: Offering RSA public key: EMAIL_ADDRESS
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug1: Trying private key: /home/user1/Desktop/MyKeyPair.pem
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug1: No more authentication methods to try.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
How can I successfully connect to my EC2 Instance?
CDuck
Posted 2015-07-22T22:05:11.267
Reputation: 151
Are you running ssh-agent? I assume you loaded the correct key? Also, which version of RHEL is it? Older versions (<6.4) used root instead of ec2-user as default user. – madeddie – 2015-07-23T08:22:58.970
I am running ssh-agent on my computer (with Linux Mint), but there is not way to check if my server does. I am using the correct key. My Instance is using RHEL 7. Also, whenever I try to login as root, I get a message to log in as ec2-user. – CDuck – 2015-07-23T19:22:24.190
Also, when I try the Java SSH Client from the EC2 Management Console (that runs in browser), it cannot connect because of an 'I/O error - read failed: unknown error.' – CDuck – 2015-07-23T19:33:38.870
Do you use the same key on any other instances? I just (this morning) had a problem with having a key with an error in it (a space in the RSA string) which doesn't work. Apart from that you could check the server logs (via the EC2 console or API) to see if any errors were outputted. – madeddie – 2015-07-24T14:07:01.333
I have not used the same key on any other instances. It looks like the RSA string is all right. There are no error in the server logs as far as I can see. – CDuck – 2015-07-24T15:28:00.213
1Apart from stopping the instance, detaching its root storage (I hope it's EBS backed) and attaching the storage to and mounting it on another fresh instance, I have no further ideas. – madeddie – 2015-07-24T15:50:14.897