-1

I used the following command in the directory where .pem exists to use the Chrome Extension, Secure Shell.

$ sudo chmod 400 myKeyPair.pem

$ ssh-keygen -y -f myKeyPair.pem > myKeyPair.pub

$ touch myKeyPair

$ sudo cat myKeyPair.pem > myKeyPair

And it worked perfectly within the Secure Shell Extension.

And I deleted all the files and created a new key pair (with the same name). And I ssh through the MacOS terminal. However, this will result in "Permission denied (publickey)." I think .pem is a new file, but the previous command still seems to have an effect.

How can I run an existing .pem before the public key conversion and SSH connection through a single .pem?

Ah! And I have another completely different question. For example, after creating EC2 via the WordPress AMI in AWS Marketplace and writing a post, is this stored in EBS?

Thanks in advance to everyone who answers.

John Rotenstein
  • 241,921
  • 22
  • 380
  • 470
COLEAN
  • 665
  • 2
  • 9
  • 24
  • AFAIK when you create a new EC2 instance, the `.pem` file you get is a for-life file. Did you create a new EC2 instance to obtain the new `.pem` file? – Tim Biegeleisen May 05 '19 at 14:43
  • Yes. I deleted all three files I created earlier (MyKeyPair, MyKeyPair.pem, MyKeyPair.pub). And I created a new instance and key pair. (The new key pair is named MyKeyPair.pem as before.) – COLEAN May 05 '19 at 14:44
  • Please ask your WordPress question as a separate Question, rather than combining two unrelated questions in one Question. – John Rotenstein May 05 '19 at 23:39

1 Answers1

0

When a Keypair is generated, it contains a random key. Therefore, every time a keypair is generated, it is different. The actual name of a keypair is irrelevant.

So if you do the following:

  • Create a keypair
  • Launch an EC2 instance providing that keypair
  • Delete the keypair

then you will never be able to login to the instance because you no longer have the keypair used when the instance was launched.

What actually happens is that when an instance is launched, some code on the instance copies the public half of the keypair to the /users/ec2-user/.ssh/authorized_keys file. Then, when somebody tries to login with the private half of a keypair, Linux compares the two halves of the keypair. If they match, the user is allowed to login.

John Rotenstein
  • 241,921
  • 22
  • 380
  • 470