0

i had an ssh key on aws instance (let's call it key a); however, it wasn't allowing me to access my github account, so i generated a new ssh key (key b). the good thing is that i was able to access github, but the bad thing is that i now can't access my aws instance through ssh.

any idea what i can do? i've tried changing the permissions on the pem file to no avail. i'm running ubuntu 12.04 on aws remotely and a windows machine locally.

additional info: when i created key b and named it rsa_id.pub, i didn't intentionally or explicitly overwrite key a. i've tried two syntaxes, ssh (my default) and the ssh -i xxx.pem ubuntu@ec2-xxx-xx-xxx-x.compute-1.amazonaws.com. neither of these syntaxes are working. 

OpenSSH_6.4, OpenSSL 1.0.1e 11 Feb 2013
debug1: Reading configuration data /home/xx/.ssh/config
debug1: /home/xx/.ssh/config line 1: Applying options for awshost1
debug1: Connecting to ec2-xx-xxx-xxx-xx.us-west-2.compute.amazonaws.com [54.201.134.83] port 22.
debug1: Connection established.
debug1: identity file /home/xx/.ssh/xx.pem type -1
debug1: identity file /home/xx/.ssh/xx.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1.1
debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1.1 pat OpenSSH_5*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
debug1: Host 'ec2-xx-xxx-xxx-xx.us-west-2.compute.amazonaws.com' is known and matches the ECDSA host key.
debug1: Found key in /home/xx/.ssh/known_hosts:1
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/xx/.ssh/xx.pem
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
oammon
  • 189
  • 1
  • 4
  • 12
  • Always create a snapshot of your server on S3 once it is setup. That way, you can recover from anything from hardware failure at the AWS data center to changing your SSH key. – Eric J. Apr 30 '14 at 22:32

2 Answers2

1

If your instance is EBS-backed (and it should be), all is not lost. You can move the instance to a machine and set a new key in the process:

http://blog.celingest.com/en/2013/11/14/replace-lost-keypair-ec2-instance/

Community
  • 1
  • 1
Eric J.
  • 147,927
  • 63
  • 340
  • 553
0

There are two important pieces of information missing here:

  • did you create a new key, or did you overwrite your existing one (on your local machine)

  • how specifically are you attempting to ssh, that is to say what is the exact ssh syntax?

Assuming that you generated a new key to access your github account, that shouldn't affect your existing key pair to your AWS instance. You should be running something along the lines of 

ssh -i /path/to/key.pem ubuntu@your-public-dns-name

Additionally, you should make sure that your key file has the appropriate permissions.

drldcsta
  • 413
  • 3
  • 8
  • i've added the additional info to the original post. i've made sure the permissions are correct and still no success. – oammon May 01 '14 at 13:29