scp (secure copy) to ec2 instance without password

Question

I have an EC2 instance running (FreeBSD 9 AMI ami-8cce3fe5), and I can ssh into it using my amazon-created key file without password prompt, no problem.

However, when I want to copy a file to the instance using scp I am asked to enter a password:

scp somefile.txt -i mykey.pem root@my.ec2.id.amazonaws.com:/

Password:

Any ideas why this is happening/how it can be prevented?

Are you using excatly the same identifier for the user and host? — Lynch, Jul 02 '11 at 16:10
I'm not sure I understand what you mean by identifier, could you explain? — Hoff, Jul 02 '11 at 16:13
if for one connection you use an Ip address and for the other you use a name it will not work. I just saw that you use `-i` option to provide your identity. May be you should also show the command you use to log in with ssh. — Lynch, Jul 02 '11 at 16:18

score 959 · Accepted Answer · edited Mar 22 '16 at 20:36

959

I figured it out. I had the arguments in the wrong order. This works:

scp -i mykey.pem somefile.txt root@my.ec2.id.amazonaws.com:/

edited Mar 22 '16 at 20:36

Westy92

19,087
4
72
54

answered Jul 02 '11 at 16:19

Hoff

38,776
17
74
99

20

from who understand how to connect to ec2 through ssh, just change the `ssh` command to `scp` and add the name file after the pem file. – Claudio Santos Sep 28 '13 at 12:08
19

Since this answer is a little old, a more recent example from my new EC2 instance: scp -i kp1.pem ./file.txt ec2-user@1.2.3.4:/home/ec2-user – siliconrockstar Jan 11 '15 at 21:46
I'm getting "No space left on device" when I execute this command. scp -i /home/myusername/keypair.pem -r /home/myusername/digits/digits/jobs/20150724-111748-8bd3 ubuntu@ec2-xx-xx-xx-xx-xx.compute-x.amazonaws.com:/home/ubuntu – San Aug 03 '15 at 13:13
3

@siliconrockstar Your statement `ec2-user@1.2.3.4:/home/ec2-user` is easily replaced with the shorter and easier `ec2-user@1.2.3.4:./` `./` FTW! – brock Apr 01 '16 at 14:19
In my experience ~ and ./ operators don't always resolve correctly on remote machines, so I got into the habit of using the full path, but +1 if it's working for you. – siliconrockstar Apr 03 '16 at 03:32
One more way: Create/edit ~/.ssh/config file and add remote-host entry there. Then, `$ scp /source/file_to_copy.txt remote-user@remote-host:/destination` – ChandanK Jan 26 '18 at 19:42
2

A very late comment, but what @ClaudioSantos suggests doesn't work exactly if you're using a non-standard port. It's -p for ssh and -P for scp. – Inukshuk Jan 17 '19 at 03:04
3

I can use my *.PEM file to ssh into ec2. however, when I want to use it to SCP a file, it gives me the "Permission Denied" error! How can I solve this? – AleX_ Jan 18 '19 at 22:27
@AleX_ try pscp (PuTTY with pscp) --> `pscp -i /path/to/your/.pemkey -r user@##-##-##-##:/path/to/files .` the trailing period just says to drop the files where you are. I got started with pscp here: https://www.ssh.com/ssh/putty/putty-manuals/0.68/Chapter5.html – Joe Parzival Apr 26 '19 at 19:11
Worked like a charm ! i was trying -i abc.pem at end. I reorderd as per your suggestion and it worked perfectly. Thanks. – Mounish Ambaliya Oct 16 '19 at 09:05
@JoeParzival: and with macos terminal? – Ponzio Pilato Oct 22 '20 at 10:25
What if you want to cp from 1 remote instance to another. The following didn't work for me even through I can ssh to each server with the key scp -i mykey.pem root@one.ec2.id.amazonaws.com:/somefile.txt root@two.ec2.id.amazonaws.com:/ – Jeff H Dec 28 '21 at 17:48
In case the .pem file doesn't have root permissions, one should enter the user path. for eg. In case of ubuntu, it is "/home/ubuntu". so the command becomes - "scp -i mykey.pem somefile.txt user@my.ec2.id.amazonaws.com:/home/ubuntu" – gauravtolani Nov 02 '22 at 17:46

score 69 · Answer 2 · answered Apr 10 '14 at 10:24

69

scp -i /path/to/your/.pemkey -r /copy/from/path user@server:/copy/to/path

answered Apr 10 '14 at 10:24

Syed Priom

1,893
1
21
22

(-r) parameter is not required but it's required to remove (/) from the end of remote path. Your example worked for me, Thanks a lot – Abbas Dec 06 '17 at 04:40
how to delete existing from server before upload? – Santosh Apr 22 '23 at 09:35

Jamil Noyda · Answer 3 · 2019-11-21T13:48:04.097

62

copy a file from a local server to a remote server

sudo scp -i my-pem-file.pem ./source/test.txt ec2-user@1.2.3.4:~/destination/

copy a file from a remote server to a local machine

sudo scp -i my-pem-file.pem ec2-user@1.2.3.4:~/source/of/remote/test.txt ./where/to/put

So the basically syntax is:-

scp -i my-pem-file.pem username@source:/location/to/file username@destination:/where/to/put

-i is for the identity_file

edited Nov 21 '19 at 13:48

answered Nov 19 '19 at 06:49

Jamil Noyda

3,321
2
21
26

1

Only this worked for me. Rest all failed. Thanks a ton – Vinay Jain Apr 06 '23 at 10:37

Renato Coutinho · Answer 4 · 2018-05-10T20:13:57.343

41

I've used below command to copy from local linux Centos 7 to AWS EC2.

scp -i user_key.pem file.txt ec2-user@my.ec2.id.amazonaws.com:/home/ec2-user

edited May 10 '18 at 20:13

answered Apr 26 '18 at 17:41

Renato Coutinho

1,151
10
7

score 22 · Answer 5 · edited Apr 02 '19 at 17:03

22

Making siliconerockstar's comment an answer since it worked for me

scp -i kp1.pem ./file.txt ec2-user@1.2.3.4:/home/ec2-user

edited Apr 02 '19 at 17:03

Pritam Banerjee

17,953
10
93
108

answered Mar 25 '16 at 15:08

joseph.hainline

24,829
18
53
70

score 19 · Answer 6 · answered Oct 07 '16 at 03:45

19

scp -i ~/.ssh/key.pem ec2-user@ip:/home/ec2-user/file-to-copy.txt .

The file name shouldnt be between the pem file and the ec2-user string - that doesnt work. This also allows you to reserve the name of the copied file.

answered Oct 07 '16 at 03:45

Dele

730
6
10

score 8 · Answer 7 · answered Feb 19 '16 at 10:36

8

lets assume that your pem file and somefile.txt you want to send is in Downloads folder

scp -i ~/Downloads/mykey.pem ~/Downloads/somefile.txt root@my.ec2.id.amazonaws.com:~/

let me know if it doesn't work

answered Feb 19 '16 at 10:36

Yatender Singh

3,098
3
22
31

scp -i /Users/Username/Downloads/myfile.pem -r ubuntu@my.ect.id.amazonaws.com:~/ ~/Desktop/ in case u want to transfer file from server to local – Yatender Singh Mar 28 '16 at 07:29
2

Thanks I got "access denied" with `:/` at the end but with `:~/` it works – cardamom Jul 03 '17 at 11:51
yeah because :/ is root folder and :~/ is user folder so if you are root user then :/ or :~/ anything will work and if you are not root user then only :~/ you have to use. – Yatender Singh Jul 03 '17 at 12:52

score 4 · Answer 8 · edited Mar 04 '15 at 08:27

4

scp -i /home/barkat/Downloads/LamppServer.pem lampp_x64_12.04.tar.gz

this will be very helpful to all of you guys

edited Mar 04 '15 at 08:27

ProfGhost

359
2
20

answered Oct 28 '13 at 09:38

Barkat

49
1

score 2 · Answer 9 · answered May 01 '15 at 21:59

My hadoopec2cluster.pem file was the only one in the directory on my local mac, couldn't scp it to aws using scp -i hadoopec2cluster.pem hadoopec2cluster.pem ubuntu@serverip:~.

Copied hadoopec2cluster.pem to hadoopec2cluster_2.pem and then scp -i hadoopec2cluster.pem hadoopec2cluster_2.pem ubuntu@serverip:~. Voila!

BuvinJ · Answer 10 · 2015-09-21T13:23:12.457

2

I was hung up on this because I was specifying my public key file in

scp -i [private key file path]

When I caught that mistake and changed it to the private key path instead, I was all set.

edited Sep 21 '15 at 13:23

answered Jul 24 '15 at 15:10

BuvinJ

10,221
5
83
96

score 2 · Answer 11 · answered May 02 '18 at 17:27

2

In your case, the user root won't have any issues. But in certain cases where you're required to login under SSH as a different user, make sure the directory you're scp-ing has adequate permissions for the user you're SSH-ing.

answered May 02 '18 at 17:27

Shawn

513
9
18

score 2 · Answer 12 · edited May 02 '19 at 20:17

2

To use PSCP, you need the private key you generated in Converting Your Private Key Using PuTTYgen. You also need the public DNS address of your Linux instance

pscp -i C:\path\my-key-pair.ppk C:\path\Sample_file.txt ec2-user@public_dns:/home/ec2-user/Sample_file.txt

edited May 02 '19 at 20:17

mechnicov

12,025
4
33
56

answered May 02 '19 at 16:37

dheeraj kumar

419
4
6

Tejas Tank · Answer 13 · 2022-09-17T08:36:05.217

2

For ec2 server

#move your key to /tmp or right folder on server

Assign right permission

sudo chmod 600 /tmp/dev-sunrobotics-snippetbucketcom.pem

then connect to server or transfer

scp -i /tmp/dev-snippetbucketcom.pem filestore.tar.gz ubuntu@85.111.5.33.98:/tmp

Make sure in your ip security you have allow ip address to connect

edited Sep 17 '22 at 08:36

answered Feb 08 '22 at 04:16

Tejas Tank

1,100
2
16
28

score 0 · Answer 14 · answered Sep 23 '16 at 03:15

write this code

scp -r -o "ForwardAgent=yes" /Users/pengge/11.vim root@192.168.2.228:/root/

If you have a SSH key with access to the destination server and the source server does not, adding -o "ForwardAgent=yes" will allow you to forward your SSH agent to the source server so that it can use your SSH key to connect to the destination server.

score -6 · Answer 15 · edited Jan 28 '17 at 01:02

-6

Just tested:

Run the following command:

sudo shred -u /etc/ssh/*_key /etc/ssh/*_key.pub

Then:

create ami (image of the ec2).
launch from new ami(image) from step no 2 chose new keys.

edited Jan 28 '17 at 01:02

Unheilig

16,196
193
68
98

answered Jan 28 '17 at 00:42

amar essa

71
1
2
9

scp (secure copy) to ec2 instance without password

15 Answers15

For ec2 server

Assign right permission

then connect to server or transfer

Linked

Related