amazon web services - with - Permission denied(publickey) when SSH Access to Amazon EC2 instance

permission denied(publickey). lost connection aws (20)

All of the top ranked answers above are accurate and should work for most cases. In the event that they don't as was in my case, I simply got rid of my ~/.ssh/known_hosts file on the machine I was trying to ssh from and that solved the problem for me. I was able to connect afterwards.

I want to use my Amazon ec2 instance but faced the following error:

Permission denied (publickey).

I have created my key pair and downloaded .pem file.


chmod  600 pem file.

Then, this command

ssh -i /home/kashif/serverkey.pem  [email protected]

But have this error:

Permission denied (publickey)

Also, how can I connect with filezilla to upload/download files?

Another Possible Issue: Wrong login ID

Check 'Usage Instructions'

All good suggestions above, but what I ran into was that I selected a pre-made instance. After the instance has started , look at the usage instructions. I incorrectly used login id of the private key when in the instructions I was supposed to use 'bitnami' (e.g. [email protected] -i key.pem)

Here is a possible frustrating scenarios that produces this error:

If you are lunching a new instance from an AMI you created of another instance (say instance xyz), then the new instance will only accept the same key that instance A used. This is totally understandable but it gets confusing because during the step by step process of creating the new instance, you are asked to select or create a key (at the very last step) which will not work.

Regardless of the key you create or select, only the key you were using for instance XYZ will will be accepted by the new instance.

I forgot to add the username (ubuntu) when connecting my Ubuntu instance. So I tried this:

ssh -i /path/my-key-pair.pem

and the correct way was

ssh -i /path/my-key-pair.pem [email protected]

I had similar error

debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: xxxx.pem
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).

My problem was that the instance did not start properly due to error on the run-on-start-up script from Step 3: Configure instance detail under Advanced details:

What I thought I entered:


What actually entered breaks the instance setup



So the public key on instance side was not created

I solved the problem just putting sudo before

sudo ssh -i mykey.pem

But the proper solution is to change the ownership first, and then connect as a normal user as Janus Troelsen said below. In my case it would be:

chown wellington:wellington key.pem

I struggled with this for a while too until I found the following:

eb ssh

When you use that from the project directory, bingo-bango no muss no fuss, you're in

I was able to SSH from one machine, but not from another. Turns out I was using the wrong private key.

The way I figured this out was by getting the public key from my private key, like this:

ssh-keygen -y -f ./myprivatekey.pem

What came out didn't match what was in ~/.ssh/authorized_keys on the EC2 instance.

I've twice had keys and ssh command line correct (I know because I'm duplicating a working Ubuntu 14.04 instance), but just not been able to ssh into a new instance, even after waiting 5 minutes as suggested by Wade Anderson above.

I had to destroy and re-create the machine. This has happened on two separate occasions. Since I can't get in initially, I can't see what's wrong.

So, if you have this problem, try that.

In my own case, i did the following:

chmod 400 <key.pem>

ssh -i <key.pem> [email protected]_public_dns (for debian)

I was initially using [email protected] part and i got this prompt:

Please login as the user "ec2-user" rather than the user "root".

It's a basic thing, but always confirm which user you are trying to do the login. Im my case was just a distraction. I was trying using a root user:

ssh -i ~/keys/<key_name> [email protected]

But was another user:

ssh -i ~/keys/<key_name> [email protected]

It's case sensitive.

Wrong : SSH EC2-user@XXX.XX.XX.XX -i MyEC2KeyPair.pem

Correct : SSH ec2-user@XXX.XX.XX.XX -i MyEC2KeyPair.pem

This error message means you failed to authenticate.

These are common reasons that can cause that:

  1. Trying to connect with the wrong key. Are you sure this instance is using this keypair?
  2. Trying to connect with the wrong username. ubuntu is the username for the ubuntu based AWS distribution, but on some others it's ec2-user (or admin on some Debians, according to Bogdan Kulbida's answer)(can also be root, fedora, see below)
  3. Trying to connect the wrong host. Is that the right host you are trying to log in to?

Note that 1. will also happen if you have messed up the /home/<username>/.ssh/authorized_keys file on your EC2 instance.

About 2., the information about which username you should use is often lacking from the AMI Image description. But you can find some in AWS EC2 documentation, bullet point 4. :

Use the ssh command to connect to the instance. You'll specify the private key (.pem) file and [email protected]_dns_name. For Amazon Linux, the user name is ec2-user. For RHEL5, the user name is either root or ec2-user. For Ubuntu, the user name is ubuntu. For Fedora, the user name is either fedora or ec2-user. For SUSE Linux, the user name is root. Otherwise, if ec2-user and root don't work, check with your AMI provider.

Finally, be aware that there are many other reasons why authentication would fail. SSH is usually pretty explicit about what went wrong if you care to add the -v option to your SSH command and read the output, as explained in many other answers to this question.

This has happened to me multiple times. I have used Amazon Linux AMI 2013.09.2 and Ubuntu Server 12.04.3 LTS which are both on the free tier.

Every time I have launched an instance I have permission denied show up. I haven't verified this but my theory is that the server is not completely set up before I try to ssh into it. After a few tries with permission denied, I wait a few minutes and then I am able to connect. If you are having this problem I suggest waiting five minutes and trying again.

This issue can be solved by login into Ubuntu box using below command:

ssh -i ec2key.pem [email protected]

You need to do the following steps:

  1. Open your ssh client or terminal if you are using Linux.
  2. Locate your private key file and change your directory.
    cd <path to your .pem file>
  3. Execute below commands:
    chmod 400 <filename>.pem
    ssh -i <filename>.pem [email protected]<>

If ubuntu user is not working then try with ec2-user.

for the ubuntu 12.04 lts micro instance i had to set the user name as option

ssh -i pemfile.pem -l ubuntu dns

same thing happened to me, but all that was happening is that the private key got lost from the keychain on my local machine.

ssh-add -K

re-added the key, then the ssh command to connect returned to work.

you must check these few things:

  1. Make sure your IP address is correct
  2. Make sure you are using the correct Key
  3. Make sure you are using the correct username, you can try: 3.1. admin 3.2. ec2-user 3.3. ubuntu

I had the same problem, and it solved after I changed username to ubuntu. In AWS documentation was mentioned to user ec2-user but somehow does not work for me.