9

So I'm trying to set up an EC2 instance on AWS and I've created a key pair and downloaded the .pem file. However, when I try to open it I get the error message:

[Image: Keychain error message]

I've also read about entering the following in the terminal to work around the issue:

```
security import pub_key.pem -k ~/Library/Keychains/login.keychain
```

but this doesn't work either (I get the following error message:

`security: Error reading infile pub_key.pem: No such file or directory`).

I've also tried just creating new key pairs but the problem persists.

John Rotenstein
torola
  • I am having the same issue. Isn't this part of the idea of using the keychain to store certificates like this? I want to access my Amazon key from other machines. – wcochran Jan 29 '18 at 05:44

3 Answers

8

The keychain extension changed with Sierra. Now it is login.keychain-db. You should navigate to where the pem key file is and use

```
security import pub_key.pem -k ~/Library/Keychains/login.keychain-db
```
joc7188
  • Thanks, Follow up question. Now what? If I want to use that stored key to connect, how would I do so? – mreff555 May 29 '20 at 00:14
  • Now if you want to connect it should be via ssh. You have two options: 1. If your instance has a public DNS name use the following command `ssh -i /path/my-key-pair.pem my-instance-user-name@my-instance-public-dns-name` 2. If your instance has an IPv6 address use the following command `ssh -i /path/my-key-pair.pem my-instance-user-name@my-instance-IPv6-address`. As it was already mentioned in another comment, the documentation is [here](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AccessingInstancesLinux.html) – joc7188 Jun 08 '20 at 09:41
  • What is the point of putting the pem file in the keychain if you still have to specify it on the command line? That’s what I do now. – mreff555 Jun 10 '20 at 13:47
5

Make sure you navigate in the terminal to where the pem key file actually is. Then use

```
security import pub_key.pem -k ~/Library/Keychains/login.keychain
```
chickenman
-2

The .pem file contains your private key used for establishing an ssh connection with an Amazon EC2 instance (or any Linux instance).

Do not open (double-click) the .pem file. Instead, you will use it with the ssh command to connect with your instance, e.g.:

```
ssh -i yourfile.pem ec2-user@54.1.2.3
```

See documentation: Connecting to Your Linux Instance Using SSH

John Rotenstein
  • 3
    Using the PEM isn't the problem. Storing it somewhere safe is. That's what the Keychain is for. Why Keychain doesn't allow this is the question. – wcochran Jan 29 '18 at 05:45
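
The two checks from the first two answers (run the import from the folder that holds the .pem, and use `login.keychain-db` where it exists), as an added shell example that is not part of any answer on this page. It also checks the file mode, because OpenSSH ignores a private key passed with `-i` when group or others can access it; the function names are assumptions.

```sh
#!/bin/sh
# Added example, not code from any answer. Function names are assumptions.

# Print the login keychain file that exists in the given Keychains folder.
# Sierra and later name it login.keychain-db; older releases login.keychain.
resolve_keychain() {
    kc_dir=${1:-"$HOME/Library/Keychains"}
    for kc_name in login.keychain-db login.keychain; do
        if [ -f "$kc_dir/$kc_name" ]; then
            printf '%s\n' "$kc_dir/$kc_name"
            return 0
        fi
    done
    echo "no login keychain found in $kc_dir" >&2
    return 1
}

# Check a key file before passing it to `security import` or `ssh -i`.
# Returns 0 = ok, 2 = not found, 3 = no PEM private key, 4 = mode too open.
pem_preflight() {
    pem=$1
    if [ ! -f "$pem" ]; then
        # The cause of "Error reading infile ...: No such file or directory"
        echo "$pem not found from $(pwd): cd to its folder or give the full path" >&2
        return 2
    fi
    if ! grep -q -e '-----BEGIN .*PRIVATE KEY-----' "$pem"; then
        echo "$pem has no PEM private key header" >&2
        return 3
    fi
    # Characters 5-10 of the ls mode string are the group and other bits.
    if [ "$(ls -ld "$pem" | cut -c5-10)" != "------" ]; then
        echo "$pem is accessible to group/other; run: chmod 400 $pem" >&2
        return 4
    fi
    return 0
}

# Preflight, pick the keychain file, then run the import from the answers.
import_pem() {
    pem_preflight "$1" || return
    keychain=$(resolve_keychain "${2:-}") || return
    security import "$1" -k "$keychain"
}
```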