1

Hi I've never posted a question here but, I'm trying to access an AWS instance without entering a password with the following and having some issues.

$ ssh -i ~/.ssh/id_rsa_aws.pub ubuntu@ipaddresshere

However it's prompting me for a password even though the key I generated using the following and I left the password field blank when prompted. 

$ ssh-keygen -t rsa -b 1024

When I access the server if I enter a blank field for the password I get permission denied if I enter a password it prompts me to re-enter a value, so I believe it accepts the blank password but denies the key.

I've stored the contents of id_rsa_aws.pub in authorizedkeys2 and I believe all permissions are set correctly.

To do a bit more testing I used another key that I generated previously for another instance just called id_rsa.pub and copied that to authorizedkeys2 and can get in fine with that.

Permissions are the same for the keys.

Why is the key I'm generating not working if the other one is?

I've roughly followed the below link, only difference is using a different identity file than id_rsa.pub

https://forums.aws.amazon.com/message.jspa?messageID=211493

EEAA
  • 109,363
  • 18
  • 175
  • 245
Devon Mather
  • 13
  • 3
  • taking a wild guess...what user are running the client side connection command as? if you're using -i and it succeeds when destination specified as ipaddresshere but not ubunutu@ipaddresshere, omit the `~` and use the full path to the key. – inetplumber Sep 05 '13 at 01:45
  • Have you tried verbose logging? – Drew Khoury Sep 05 '13 at 03:28

1 Answers1

2

OK, you have a couple issues going on here. I'll knock them off one by one.

$ ssh -i ~/.ssh/id_rsa_aws.pub ubuntu@ipaddresshere

First issue is here. Your identity file is not the public key file. Your identity file is your private key file. As such, the command you're running should be:

$ ssh -i ~/.ssh/id_rsa_aws ubuntu@ipaddresshere

I've stored the contents of id_rsa_aws.pub in authorizedkeys2 and I believe all permissions are set correctly.

Second issue is here. authorizedkeys2 is not where your sshd is looking for your public key file. I think you possibly meant authorized_keys2 (note the underscore), but even that would not be the correct place (though it may work). The authorized_keys2 file has been deprecated for quite a while, in favor of a single, unified, ~/.ssh/authorized_keys file which holds both RSA and DSA keys.

EEAA
  • 109,363
  • 18
  • 175
  • 245
  • Thanks for the replies, appreciated didn't realized it would be so simple always just been using the default id_rsa without explicitly calling it. Removing the .pub in the command fixed the issue. Thanks for the tip that authorized_key2 is deprecated as well. – Devon Mather Sep 05 '13 at 09:51