3

I'm able to ssh -i mykey.pem to EC2. I'm able to scp -i mykey.pem to EC2. But when I try to rsync -avz -e "ssh -i mykey.pem" I get this error:

Warning: Identity file mykey.pem not accessible: No such file or directory.
Permission denied (publickey).
rsync: connection unexpectedly closed (0 bytes received so far) [sender]
rsync error: unexplained error (code 255) at io.c(605) [sender=3.0.9]

Any suggestions what I've done wrong?

isomorphismes
  • 139
  • 2
  • 12
  • 2
    Have you considered setting up an SSH agent, or adding the key to your `.ssh/config` file so you don't need to provide an option at all? – Zoredache Sep 24 '12 at 21:46
  • @Zoredache I don't know how to do that but it sounds like a good idea. – isomorphismes Sep 24 '12 at 21:49
  • 1
    Identity file - http://serverfault.com/a/418755/984 – Zoredache Sep 24 '12 at 22:12
  • what's the permissions on the pem file ? (la -l) – Sirex Sep 24 '12 at 22:22
  • @Sirex I changed them to `chmod 400 mykey.pem` based on some advice elsewhere on the Web. (or maybe it was based on an error message) – isomorphismes Sep 26 '12 at 03:13
  • @Zoredache Thanks for the link. Based on your answer http://serverfault.com/a/418755/984 I still don't understand exactly what I'm supposed to do but I'm continuing to read up on the topic. – isomorphismes Sep 26 '12 at 03:15
  • Presumably when the -e option invokes ssh it does so with standard permission? No idea what the fix is though because changing the .pem file's permission to be accessible to group/user will prevent ssh from using the key. – Matt Parkins May 15 '13 at 12:18

2 Answers2

4

Make sure the .pem file is indeed where you think.

Try rsync -avz -e "ssh -i ./mykey.pem" using a ./.

Note: For that example, your .pem must be inside the current working directory. If it's elsewhere, then change it to use an absolute path (/home/me/path/to/file.pem)

ionFish
  • 315
  • 2
  • 11
  • Hey, good suggestion but that's not the problem. – isomorphismes Sep 24 '12 at 21:49
  • +1 for ionFish. I just verified this exact issue with my own AWS setup. Relative path to the private key fails with the above error, full absolute path works. I'm guessing it's a subshell issue, but use the full path and you should be fine. – khoxsey Sep 26 '12 at 04:39
  • @khoxsey I'm using the full path already. I have it working with `ssh -i /full/path/to/mykey.pem` and `scp -i /full/path/to/mykey.pem` so the full path must be correct. – isomorphismes Sep 26 '12 at 06:59
  • Using it already? That's my bad then. Unfortunately, that puts this into the realm of "it works on my machine", which is annoyingly unhelpful. – khoxsey Sep 26 '12 at 16:31
  • Or just add the key/site to your ~/.ssh/config directory and be done with it. – gravyface Sep 26 '12 at 17:14
  • Thank you so so much,,I googled the whole day and now the aboved three commands solved my issue: have a good day –  Jul 13 '14 at 12:28
4

As a debugging angle, try running ssh-agent in your shell session as described in this SO answer on a similar question. Basically, you run ssh-agent locally, add your key, and then see if rsync picks it up properly. The idea is to flush out some other error, hopefully providing some insight into the real problem (since we've come up dry in the comments).

Command string is this:

eval $(ssh-agent)
ssh-add path/to/mykey.pem
rsync -avz localfile remoteuser@ec2-instance:/remotelocation

This works in my environment for access to my AWS systems.

Community
  • 1
khoxsey
  • 725
  • 4
  • 9