Unlike any other questions, suddenly I was not able to login ec2 through ssh. I have logged in 2 mins before I got this error.
ssh -i keypair.pem ec2-user#[erastic ip]
Permission denied (publickey).
I checked:
keypair. I have one keypair and there is no way to miss take. Also, done "chmod 600 keypair.pem"
ec2-user. I also tested ec2-user, root and other users.
Instance reboot.
Thank you
SOLVED: Seems chmod 700 at root disables re-access.
Detach the volume from the instance.
Create a temp instance.
Attach the detached volume to the temp instance.
chmod
Re-attach the volume to the instance.
Don't chmod 700 at root.
Related
Hello when creating the instance i have missed to attach a private key to the aws ec2 instance now unable to login via ssh as there is no private key attached
what i did was clone of instance and launched installed and added the key to that instance
added key to it yet dint work
refereed articles https://www.youtube.com/watch?v=XfOsytNUq1w
If you're connecting via the command line ensure that you're specifying the PEM key using the syntax below
ssh -i path/to/key.pem ec2-user#1.2.3.4
Also ensure that the path/to/key.pem has permissions of 400 with the owner as your user.
You can validate this by running ls -lah path/to/key.pem and change the permissions by running chmod 400 path/to/key.pem
When I log into my AWS EC2 instance via ssh, all of a sudden I'm being given this error:
-bash: /etc/profile: Permission denied
Super annoying, and it appears as though somehow permissions have been changed (accidentally), and I can't get back in. That said, I've tried logging in as root user vs. ec2-user, but I can't seem to remember the password I set for user root.
How can I recover this password or reset it without root user access? Help!
By default, root user login is disabled on EC2 instances, as documented here:
https://aws.amazon.com/premiumsupport/knowledge-center/set-change-root-linux/
So, unless you explicitly enabled SSH root login, there is no point in trying to find out the root password.
However, ec2-user should be a sudo user itself, try executing
sudo chmod 755 /etc/profile
I'm trying to copy a file into a compute instance using gcloud like this:
gcloud compute scp ./file.txt.bz2 root#instance-1:/home/mehran/
And I'm facing an error:
No zone specified. Using zone [us-central1-c] for instance: [instance-1].
root####.###.###.###: Permission denied (publickey).
lost connection
ERROR: (gcloud.compute.scp) [/usr/bin/scp] exited with return code [1].
I've also tested without root:
gcloud compute scp ./file.txt.bz2 instance-1:/home/mehran/
And facing the same error. This is in the case that I can ssh into the same instance without any issue:
gcloud compute ssh instance-1
Apparently, my user does not have the write permission to the home folder! Even a chmod 777 did not help. I ended up copying to /tmp folder and then pick it up from there!
For some reason, the ssh (web-based) and scp were using different users. That's why my scp user didn't have access to that folder. It was trying to write into another user's home folder.
Even though this post seems solved, I had a similar issue: I could SSH into the instance but could not scp. Turns out the folder on my instance did not have read/write permissions so I could not copy (write) into that folder.
Give permissions:
chmod 777 <folder-name>
Copy file/folder to folder in instance:
sudo gcloud compute scp <file-to-copy> <username>#<instance-name>:<folder-to-copy-to-which-requires-permissions> --zone <zone> --project <project-id>
I am facing interesting problem. I have launched an ec2 instance which is ubuntu 14.04. I can ssh into it by providing key file like below.
ssh -i "xxxxx.pem" ubuntu#xxxxxxxxxxxx.ap-south-1.compute.amazonaws.com
But I thought of making another account in instance rather than using ubuntu(root) always which is not safe. So I have created another account on my name in server. And for more security I thought of creating private(id_rsa) and public(id_rsa.pub) key files. And put the public key in server .ssh/authorized_keys and I should be able to ssh from my new account from my local machine. Which is also worked. now I can ssh into server like below.
ssh naroju#XXXXXXXXXXXXXXX.ap-south-1.compute.amazonaws.com
Now the problem comes. Although I can ssh into to it from my new account, I cannot ssh into server from my ubuntu(root) account. It gives below error.
Permission denied (publickey).
Why is it giving me this error?
I wonder why did it ssh into server from my new account, does not it require private key file(.pem file of AWS) ?
To create a new user (eg naroju) on the instance, you should create a .ssh/authorized_keys file in the new user's home directory:
$ sudo adduser naroju
$ sudo su - naroju
$ mkdir .ssh
$ chmod 700 .ssh
$ touch .ssh/authorized_keys
$ chmod 600 .ssh/authorized_keys
Then, edit the authorized_keys file and add the public key.
You can then login to the new user:
$ ssh -i naroju.pem naroju#IPADDRESS
Since you have modified the public key in the ubuntu user's home directory, you will need to login as ubuntu using the private half of the keypair you selected. You can then run the above commands.
See Amazon EC2 documentation: Managing User Accounts on Your Linux Instance
When i try to log in into EC2 instance through ssh, i got the below error Permission denied (publickey)
I checked the host name and username, everything is fine. Wrongly i given the chmod -R 777 . from ec2 instance root directory when i was logged at last time, After that i could not able connect to instance. I need some files from ec2-instance. Is there any way to get log in into ec2?. Also i tried with new instance. Its working.
Is there any possibility?
I haven't tried this myself, but I don't see why it wouldn't work.
Try snapshotting your instance (create image button from ec2 console). Once complete, find your snapshot in the Ec2 console. It should be backed by an EBS volume with an id of the pattern "vol-xxxxxxxx".
Spin up a new instance and attach "vol-xxxxxxxx" as secondary storage. SSH to the new instance and mount the device "vol-xxxxxxxx" correlates to (e.g. /dev/xvdf) to a temp directory and find the files you're looking for.
Detach your root volume and attach to another instance.
Login to the ec2 instance
mkdir tempfolder
sudo mount /dev/svdf1 (normally /dev/svdf1, you can list out your volumes to make sure)
cd tempfolder/home
chmod 700 -R ec2-user
sudo umount tempfolder
Detach volume and attach it to old instance, remember it's root instance so you attach it with name "/dev/xvda".
I faced the similar problem.
you will not able to re-cover the old instance, just create new instance and set the permissions
chmod 777 (don't use -R) option, then your problem will be resolved.
One reason can be that your key file is not publicly viewable for SSH to work. Use this command if needed:
chmod 400 mykey.pem
Also keep in mind the correct user id for EC2(ec2-user) instance and the command:
ssh -l ec2-user -i .ssh/yourkey.pem public-ec2-host
Use Winscp to revert the permission change.
Recently I had accidentally changed the "/home/ec2-user" directory permissions to 777 using putty. I was immediately logged out. I was also logged into the server using "Winscp" and it didn't get disconnected after chaging the permissions.
The solution is change the permission on "/home/ec2-user" back to 700 using Winscp and I was able to log back in. It worked for me. Winscp saved me a lot of trouble.