I have been given a key called Access.pem and I am trying to launch an AWS instance.
In Step 7: Review Instance Launch, when I attempt to launch the instance I get the following error:
No keys pairs found.
You don't have any key pairs. Please create a new key pair by selecting the
Create a new key pair option above to continue.
I have attempted to import my key pair with the steps outlined by Amazon (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html).
This includes:
Placing Access.pem in ~/.ssh/authorized_keys
And importing the key via the Amazon EC2 console at https://console.aws.amazon.com/ec2/
In the second attempt when browsing for the key, the Access.pem key cannot be selected on my Mac. When I copy the contents, I am informed the key is too long.
How can I use this key?
A key-pair is often given to employees by their institution. As such I will assume this is the case. If you have exhausted all other options, I would contact your IT department to make sure they have added you.
Next time you log in (assuming you have been granted access), your company key-pairs should be available.
Basically, when we launch an instance there is an option to create a new key pair, and after downloading the key pair, with the save option marked as checked, we can proceed to launch the instance. We can also create a key pair beforehand from the key pairs section. If you are sure that you have created a key pair, as you mentioned "Access.pem", then check in which region you created it. If you create a key pair in the region "us-east-1-a North Virginia" and then try to launch an instance in another region like "us-east-2-a -Ohio", you will not find the key pair. When launching an EC2 instance, or any other service that needs key pairs, the key pair will not be suggested when the region is changed, so check these things.
And when doing ssh from a terminal, whether on Windows, Mac or Linux, be sure you have set the permission of the pem file to 400, like this: "chmod 400 Access.pem".
I recently changed the region of my EC2 instance via creating an AMI of the previous instance and sending it to the new region and launching a new instance from it. However, it now uses the key in the key pair in the old region.
In order to avoid confusion for myself in the future, I want to move the key from the key pair in the old region to the new region (so I have everything in the same region).
I can import the key into the new region, but to do so I need the public key. Question is, I have no idea how to get the public key. I've Googled and looked everywhere, can't find how to get the public half of my key on file so I can import it in the new region.
How do I get the public key file?
Thanks in advance
Found the answer.
https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-key-pairs.html#retrieving-the-public-key-windows
On your local Windows computer, you can use PuTTYgen to get the public key for your key pair.
Start PuTTYgen, choose Load, and select the .ppk or .pem file. PuTTYgen displays the public key.
Thank you, anyway
If you can log in to the EC2 instance, you should be able to go to your ~/.ssh folder. You should see something like this:
You need to know the name of your public key. In my case, this is id_rsa.pub. Now you can open a terminal on your local computer and use the scp command to copy the file to your local machine.
$ scp -i ~/.ssh/your_key.pem your_user_name@11.12.123.34:/home/your_user_name/.ssh/id_rsa.pub ~/Desktop
id_rsa.pub 100% 405 16.5KB/s 00:00
Now you should have the public key on your Desktop. Now you can go to the new EC2, log in to it (using a password) and copy and paste the text in id_rsa.pub into any file you want.
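Added example, not part of the original posts: both import questions above turn on two points, that EC2's import takes only the public half of a key and that an imported key pair is visible only in the region it was imported into. The sketch assumes OpenSSH's `ssh-keygen` and a configured AWS CLI; the function names, key name and region are illustrative placeholders.

```shell
#!/bin/sh
# Added example: import the PUBLIC half of an existing .pem into one EC2 region.

# Classify a key file by its first line: prints "private", "public" or "unknown".
key_material_kind() {
  local first
  IFS= read -r first < "$1" || true
  case "$first" in
    "-----BEGIN "*"PRIVATE KEY-----"*) echo private ;;
    ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) echo public ;;
    *) echo unknown ;;
  esac
}

# import_pem_to_region PEM_FILE KEY_NAME REGION
import_pem_to_region() {
  local pem="$1" name="$2" region="$3" pub rc
  if [ "$(key_material_kind "$pem")" != private ]; then
    echo "expected a private key file: $pem" >&2
    return 1
  fi
  chmod 400 "$pem"      # OpenSSH refuses private keys readable by other users
  pub="$(mktemp)"
  ssh-keygen -y -f "$pem" > "$pub" || { rm -f "$pub"; return 1; }
  # Only the derived public key is sent to AWS; the .pem never leaves the machine.
  aws ec2 import-key-pair --region "$region" --key-name "$name" \
      --public-key-material "fileb://$pub"
  rc=$?
  rm -f "$pub"
  [ "$rc" -eq 0 ] || return "$rc"
  # Key pairs are per region: confirm it is listed where the instance will launch.
  aws ec2 describe-key-pairs --region "$region" --key-names "$name" \
      --query 'KeyPairs[0].KeyFingerprint' --output text
}

# Example call (placeholder names):
#   import_pem_to_region ./Access.pem Access us-east-2
```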
I have two EC2 instances and I am trying to sync a directory between the two of them.
I have set up the lsyncd service on one of the instances and was able to sync a directory to a different directory on the same instance.
Now I am trying to sync the same directory with the second instance and it is not working.
The reason it is not working is that I am not able to put the key that was generated on the first instance using ssh-keygen -t rsa on the second instance in order to allow them to access each other.
I have tried sudo ssh-copy-id -i /path/to/key ec2-user@ip-of-second-instance but it did not work.
I have also tried to manually copy the public part from the key.pub file of the first instance to the ~/.ssh/authorized_keys of the second instance but it did not work either.
These are my lsyncd configuration settings:
settings = {
    insist = true,
    logfile = "/var/log/lsyncd/lsyncd.log",
    statusFile = "/var/log/lsyncd/lsyncd.status"
}
sync {
    default.rsyncssh,
    source = "/home/ec2-user/IntSrv/Sync",
    host = "second-instance-ip",
    target = "/home/ec2-user/GenSrv/Sync",
}
What am I doing wrong? How can I fix that issue?
Any help would be appreciated. Thank you.
You might want to start again with the keys.
You should really be generating your own keys for each user. Then, for each user you want to grant access to the instance, add their key to the .ssh/authorized_keys file, either for the ec2-user or preferably create a user account for them first and add it to their authorized_keys file.
The keys generated by Amazon EC2 should be used to gain initial access to your instances. Then, proper security practice is to remove that key and add your own keys. This way, you have each person accessing via their own keypair, which can be removed if you wish to rescind access.
While I'm not familiar with lsyncd, I suspect that if you get ssh working, then lsyncd will probably work fine, too.
So, quick summary:
Generate a key for YOU using ssh-keygen
Connect to the desired instances, and add your public keypair to authorized_keys within the desired user home directory
Use those keys instead of the ones generated by Amazon EC2
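Added example, not part of the original answer: one way to carry out the "add the key to authorized_keys" step so that a manual copy does not silently fail. It appends a public key only once and sets the directory and file modes that sshd's StrictModes check expects; the function name and paths are illustrative.

```shell
#!/bin/sh
# Added example: append one public key to an account's authorized_keys, idempotently.

# install_pubkey PUBKEY_FILE HOME_DIR  -> prints "added" or "already-present"
install_pubkey() {
  local pubfile="$1" home="$2" line blob sshdir auth
  line="$(head -n 1 "$pubfile")"
  case "$line" in
    ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
    *) echo "not an OpenSSH public key: $pubfile" >&2; return 1 ;;  # e.g. a .pem
  esac
  blob="$(printf '%s\n' "$line" | awk '{print $2}')"
  [ -n "$blob" ] || return 1

  sshdir="$home/.ssh"
  auth="$sshdir/authorized_keys"
  mkdir -p "$sshdir" && chmod 700 "$sshdir" || return 1
  touch "$auth" && chmod 600 "$auth" || return 1

  # Match on the base64 blob so a changed comment does not create a duplicate.
  if grep -qF -- "$blob" "$auth"; then
    echo already-present
    return 0
  fi
  # A file pasted without a trailing newline would otherwise merge two keys.
  if [ -s "$auth" ] && [ -n "$(tail -c 1 "$auth")" ]; then
    echo >> "$auth"
  fi
  printf '%s\n' "$line" >> "$auth"
  echo added
}

# Example call (placeholder paths):
#   install_pubkey ./alice.pub /home/alice
```

When this is run as root for another account, chown the directory and file to that account afterwards, because sshd checks ownership as well as modes.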
I have run into trouble
I have an EC2 instance. I connected to it via ssh.
I wanted to set up a POST hook for git.
And accidentally removed authorized_keys from the /.ssh directory.
My question is: if I am still connected to my AWS instance, can I copy myKey.pem to the /.ssh directory?
I want to omit the instance restore process.
Thank you in advance !))
If you can't find the public key that corresponds to your current .pem file, just generate a new key pair, and add that public key to your ~/.ssh/authorized_keys file! You could use AWS to generate the new key pair, or check out these popular instructions from GitHub: help.github.com/articles/generating-ssh-keys.
I lost my .pem file, due to which I am not able to log in to my EC2 instance. Luckily I had my machine key added to the auth_keys file, so I am able to log in using it. I removed the master pub key from the auth_keys file and restarted the sshd service. But my colleague, who has the master.pem key file, is still able to log in to the instance. Am I missing something to completely disable access to the instance using the master.pem file?
Please advise.
Thanks
Does the auth_keys file exist in two places? Maybe you deleted the wrong one? Maybe you should try changing the fingerprint of the server.
New commentary: removing the public key doesn't affect the private key. The master pem file may be associated with the private key. If the private key remains, other public keys will still work. The topic says "Remove key pair." But the description doesn't indicate removing the private key.
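Added example, not part of the original posts: a check for the "two places" question raised above. It lists every authorized_keys file under the given directories that still contains one public key and removes those lines. It assumes the public half of master.pem has been saved to a file (for instance with `ssh-keygen -y -f master.pem`); the function names and directory roots are illustrative.

```shell
#!/bin/sh
# Added example: find and remove every authorized_keys entry for one public key.

# find_key_entries PUBKEY_FILE ROOT...  -> prints each file that still trusts the key
find_key_entries() {
  local blob
  blob="$(awk 'NR==1 {print $2}' "$1")"; shift
  [ -n "$blob" ] || return 1
  # grep -F on the base64 blob also matches lines that carry options or a
  # different comment, which a whole-line comparison would miss.
  find "$@" -type f \( -name authorized_keys -o -name authorized_keys2 \) \
       -exec grep -lF -- "$blob" {} + 2>/dev/null || true
}

# revoke_key PUBKEY_FILE ROOT...  -> removes matching lines, keeps FILE.bak
revoke_key() {
  local blob f
  blob="$(awk 'NR==1 {print $2}' "$1")"
  [ -n "$blob" ] || return 1
  find_key_entries "$@" | while IFS= read -r f; do
    cp -p "$f" "$f.bak"                          # copy for rollback, same mode
    grep -vF -- "$blob" "$f.bak" > "$f" || true  # grep exits 1 if no lines remain
    echo "revoked in $f"
  done
}

# Example calls (placeholder paths), run as root so every home is readable:
#   find_key_entries ./master.pub /home /root
#   revoke_key       ./master.pub /home /root
```

`sshd -T | grep -i authorizedkeysfile` prints the paths sshd actually reads, which can include locations outside the home directories. Sessions that are already open stay connected after the entry is removed.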
From my "Security Credentials", I can NOT create any more key pairs for my CloudFront setup.
I can only see my existing 2 key pairs and my deleted one. The "create" link is not present.
Do you have a reason for that?
How can I create key pairs without using this interface?
How can I bring back the feature to create key pair from that interface?
It's not possible to have more than two key pairs available for use at any one point in time, see Access Credential Rotation:
[...] you can have two credentials in an Active state at any point in time
so you can rotate them without impact to your application's
availability. The AWS Security Credentials page displays the current
state of each of the credentials you can rotate. The possible states:
Active—Can be used to secure requests to AWS.
Inactive—Can't be used, but can be moved back to the Active state.
Deleted—Can never be used again.
The first sentence is actually a bit misleading, insofar as it applies to key pairs in the Inactive state as well, because these can be activated again.
As soon as you delete an inactive key, you will be able to create a new one.