Amazon EC2 Permission denied (publickey)

permission denied (publickey) aws mac
aws permission denied (publickey,gssapi-keyex,gssapi-with-mic)
hadoop compute amazonaws com permission denied (publickey)
ec2 git clone permission denied (publickey)
no supported authentication methods available aws
ec2 ssh timeout
can't access ec2 instance from browser
ec2 instance running but can't connect

This seems to be a common problem but my specific case seems a little different.

I set up a new Amazon EC2 instance using the command line tools and connected via SSH and did some configuration work.

Initially, though, I couldn't ssh on to the instance, I had to stop and restart the instance, then i could connect. Before restarting I just got the response.

Permission denied (publickey).

That was last night, this morning I go back to the same instance and now all I get is

Permission denied (publickey).

I've tried rebooting the instance with no joy.

Can anyone point me in the right direction here? The same command that worked last night no longer works, I'm connecting from my Macbook Pro.

I'm going to answer my own question in case anyone else sees the same thing... Last night i had done:

ssh-add ~/.ssh/[keypair name]

then been connecting with:

ssh ec2-user@[ec2 instance ip]

This morning I tried the same and couldn't connect. But doing

ssh -i ~/.ssh/[keypair name] ec2-user@[ec2 instance ip]

gets me in.

Using ssh-add on the key pair again gets me in. I'm guessing ssh-add only works within the shell I'd issued it in. When I closed the terminal window and opened another I no longer had that keypair available without being explicit.

Troubleshooting connecting to your instance, Amazon folks, it'd be great if you could take a a look at this trace. Thanks! ssh -v -i FanKix.pem ec2-user@ec2-107-20-79-179.compute-  There are two likely causes to the "Permission denied (public key)" error encountered with AWS EC2 instances: incorrect ssh keys and incorrect usernames. In this lesson, I'll address both and show you how to overcome them.

This was happening for me because I wasn't using the right username. I was able to log in when using an AMI used in a tutorial I was following, but when I tried to use a different AMI (ubuntu + LAMP from Bitnami) I would get the Permission denied (public key). error. I finally realized that if I changed the username for the tutorial ami from ubuntu to ec2-user I would get the same error.

So a quick google tells that the username for Bitnami AMIs is bitnami. Problem solved.

SSH: Permission denied (publickey), This error message means you failed to authenticate. These are common reasons that can cause that: Trying to connect with the wrong key. Quite simply, EC2 instances will not accept a.pem key if it is publicly visible. Since your.pem file is likely sitting on your Desktop or Downloads folder, it has a permission code of 0644. Unfortunately, that’s not good enough for your server to accept and therefore it denies access as a security precaution.

I ran into a similar problem and it turned out to be permissions on the home folder. Thankfully I still had another existing ssh connection open so I was able to check the log on the ec2 instance:

$ sudo less /var/log/secure

which contained:

Dec  9 05:58:20 ... sshd[29816]: Authentication refused: 
    bad ownership or modes for directory /home/ec2-user

This was fixed by issuing the command:

$ chmod og-rwx /home/ec2-user

I hope this helps out someone else.

Permission denied (publickey) when SSH Access to Amazon EC2 , Permission denied (publickey) when SSH Access to Amazon EC2 instance. There are two likely causes to the "Permission denied (public key)" error encountered with AWS EC2 instances: incorrect ssh keys and incorrect usernames. Permission denied (publickey). Your client sent the key to to the server, and the server didn't accept it. As far as your client cares, your private key and local file and directory permissions are all fine. You need to troubleshoot this from the server side.

Please note that after restarting the instance, the dns name changed. I fell for this several times. The keyfile was still valid, but the "servername" changed.

Amazon EC2 Permission denied (publickey), There could be various reasons for why your authentication is failing. First of all, make sure that you are using the correct key pair. I know it  My EC2 is based on ami-0316d86a (Fedora-16-ec2-20111101-x86_64-sda). It's using the PV-GRUB AKI aki-825ea7eb. I recently updated the system, rebooted, then was unable to connect. $ ssh -i my_key.pem my_user@ip-address Permission denied (publickey,gssapi-keyex,gssapi-with-mic). The following is what led up to this, along with the solution.

Thank you!

I really appreciate @Trevor's answer here. I'm going to add this little trick that I now use to avoid this problem in the future.


Because you have to create a different keypair for each availability zone, it becomes quite a hassle to manage them all and the commands that use them. With the proper setup in ~/.ssh/config my ssh command is as simple as:


That's the full public DNS of a server in the US West 2 availability zone. The proper username and key are selected because of this:

## ~/.ssh/config

Host *
    User ec2-user
    IdentityFile ~/.ssh/bruno-bronosky-aws-us-west-2.pem

AWS ssh access permission denied (public key issue), Try the following command: ssh -i ~/.ssh/[keypair name] ec2-user@[ec2 instance ip]. This should get you in. Remember to use the login user  If you get a Permission denied (publickey) error and none of the above applies (for example, you were able to connect previously), the permissions on the home directory of your instance may have been changed. Permissions for /home/ec2-user/.ssh/authorized_keys must be limited to the owner only. To verify the permissions on your instance

Why do I get "Permission denied (publickey)" when trying to SSH , pem OpenSSH_5.​1p1 Debian-5ubuntu1, OpenSSL 0.9.8g 19 Oct 2007 debug1:  You cannot get "Permission denied (publickey)." if you haven't correctly set the firewall settings (Security Groups).

When ssh to private EC2 permission denied, I have an instance of an application running in the cloud on Amazon EC2 instance, and I need to connect it from my local Ubuntu. It works fine on one of local  Sign in to your AWS account and open the Amazon EC2 console. In the navigation pane, choose Instances. Find the EC2 instance you want to connect to using SSH. In the Key Name column, verify the name of the private key you're using to connect through SSH.

I'd try ec2-user@ and get "Permission denied (publickey)" only to remember that I spun up a Ubuntu AMI For an Amazon Linux AMI, the user name is ec2-user. Wenn Sie beim Herstellen einer Verbindung mit Ihrer Instance über SSH einen der folgenden Fehler, Host key not found in [directory], Permission denied (publickey) oder Authentication failed, permission denied, erhalten, stellen Sie sicher, dass Sie die Verbindung mit dem entsprechenden Benutzernamen für Ihr AMI herstellen und dass Sie den

  • thanks man, kept forgetting to use the "ec2-user" part and the returned error message wasn't very informative about that mistake
  • If it's ubuntu instance, use ssh -i ~/.ssh/[keypair name] ubuntu @[ec2 instance ip]
  • Elastic Map Reduce cluster --> hadoop @[ec2 instance ip]
  • Try changing the username. If you're on Ubuntu 'ubuntu' should be your username.
  • Crazy thing, I was searching for "ubuntu ami 14.04 permission denied publickey aws" and the ubuntu needing that account was a godsend, I didn't read this in any documentation, can someone direct me to it?
  • HOURS of re-installing the instance, changing key-value pairs, etc etc - turns out its this username! Thanks :)
  • Thanks for the tip. In my case it was the opposite, I needed to use ubuntu as the username.
  • Not working for me. Using a Bitnami AMI, they say bitnami is the username, using the right .pem, started in a new shell, and nothing. Extremely frustrating, this is day 2 of no progress.
  • What can you do if you don't still have a connection open??
  • Answered my own question: attach the EBS volume to a different EC2, get in there and change permissions, then re-attach to the instance you care about
  • +1 we had a same issue and this is the exact reply provided to us by the amazon support team. The permissions on the home folder were the culprit.
  • Yes!! this was exactly the problem, and without having a second connection to do any sleuthing, this post was a life saver!
  • @Nate I tried attaching the EBS volume to another instance but now I get the same issue on that instance. Makes sense, because now that instance has the faulty permissions. How did you avoid that?
  • Thank you for this hint. That was my problem, too.