ssh into EC2 instance asks for password despite using a pem file

Question

I downloaded the pem file on my Windows machine and I am able to connect to my instance with the puttygen generated ppk file (which has a public and a private key in it). I copied the pem file over onto a linux box and tried ssh -i pemfile.pem root@ec2instance.com -v but ssh is asking me for a password. The debug output (-v) is as follows:

debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/w/jpgate.pem
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: password
root@ec2instance.com's password:

So I suppose I need a public key, right? How do I get the public key on linux? Why does every tutorial tell that I only need to ssh -i key.pem root@instance.com?

Answer 1

What kind of AMI / Linux distro are you using?

Maybe logging in as root is not allowed. E. g. for an Amazon Linux AMI you will have to log in as ec2-user (not sure about the dash) and for Ubuntu AMIs it would be the ubuntu user.

Answer 2

I just found the solution by myself:
I hadn't yet generated an ssh public key (no id_rsa, id_rsa.pub in ~/.ssh/) so I generated one:
ssh-keygen -t rsa -C "my@mailaddress.de"

Edit:
If it were the wrong username, the debug print would've looked like in this question.

Answer 3

A lot of EC2 information implies the user name is usually or always ec2-user. Not true. It can be root for CentOS, ubuntu for Ubuntu etc. And for whatever reason, the user name is not documented with the AMI! Very irritating. You may have to try different user names.

If you are prompted for a password from SSH, it is clear evidence the provided user name is wrong.

Answer 4

We just had the same issue. The culprit was that /home directory did not have execute permission for the users