search

aws / aws-ec2-instance-connect-config

This is the ssh daemon configuration and necessary EC2 instance scripting to enable EC2 Instance Connect. Also included is various package manager configurations for packaging for various Linux distributions.
Apache License 2.0
83 stars 35 forks source link

Permission Denied after "Successfully pushed the public key" #32

Open MarkoPaul0 opened 3 years ago

MarkoPaul0 commented 3 years ago

When running the following command on mac os:

mssh -d -r eu-west-2 i-XXXXXXXXXXXXXXX

I get the following output

2021-07-24 19:15:58,821 - botocore.httpsession - DEBUG - Certificate path: /usr/local/lib/python3.9/site-packages/botocore/cacert.pem
2021-07-24 19:15:59,629 - botocore.parsers - DEBUG - Response headers: {'x-amzn-RequestId': 'cec3279a-c220-45b7-b99b-930c0a7a8fe0', 'Content-Type': 'application/x-amz-json-1.1', 'Content-Length': '67', 'Date': 'Sat, 24 Jul 2021 23:15:59 GMT'}
2021-07-24 19:15:59,629 - botocore.parsers - DEBUG - Response body:
b'{"RequestId":"cec3279a-c220-45b7-b99b-930c0a7a8fe0","Success":true}'
2021-07-24 19:15:59,629 - botocore.hooks - DEBUG - Event needs-retry.ec2-instance-connect.SendSSHPublicKey: calling handler <botocore.retryhandler.RetryHandler object at 0x1139e8e80>
2021-07-24 19:15:59,629 - botocore.retryhandler - DEBUG - No retry needed.
2021-07-24 19:15:59,631 - EC2InstanceConnect - DEBUG - Successfully pushed the public key to i-XXXXXXXXXXXXXXX
2021-07-24 19:15:59,632 - EC2InstanceConnect - DEBUG - Generated command: ssh -o "IdentitiesOnly=yes" -i /var/folders/vk/11pm_tqj4llb5h4j36cqp7480000gn/T/tmpsb6y5b8t ec2-user@35.176.217.237
ec2-user@35.176.217.237: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
2021-07-24 19:16:03,205 - EC2InstanceConnect - DEBUG - Deleting the private key file: /var/folders/vk/11pm_tqj4llb5h4j36cqp7480000gn/T/tmpsb6y5b8t

You can see the final lines suggest the temporary key was successfully pushed, yet get permission denied after that. The time sync solution reported by others did not solve my problem. This is rather strange since I am able to mssh into other instances, all of which are Amazon Linux 2. I am doing all of this from a mac. Any help would be really appreciated :)

timharris777 commented 3 years ago

Simillar issue. The same process that works on one instance does not work on another. After pushing key and trying to connect it ends with Permission denied (publickey)

Haven't been able to figure this one out

MarkoPaul0 commented 2 years ago

This is still an issue for me. I would really appreciate any help :)

francilioaraujo commented 2 years ago

I'm stuck in this too. At the server side I see these logs

Jul 25 22:47:17 xxxxxxxxxxx sshd[5498]: AuthorizedKeysCommand /usr/share/ec2-instance-connect/eic_run_authorized_keys ubuntu SHA256:xxxxxxxxxxxxx failed, status 124
Jul 25 22:47:17 xxxxxxxxxxx sshd[5498]: Connection closed by authenticating user xxx xx.xx.xx.xx port 33464 [preauth]
flashharry82 commented 2 years ago

Also same issue here:

EC2InstanceConnect - DEBUG - Successfully pushed the public key to i-XXXXXXXXXXXXXXXXX EC2InstanceConnect - DEBUG - Generated command: ssh -o "IdentitiesOnly=yes" -i /var/folders/x9/qblbrv210894j9448_nkzf900000gn/T/tmpdhvvdwwb ubuntu@XXX.XXX.XXX.XXX ubuntu@XXX.XXX.XXX.XXX: Permission denied (publickey).

EC2InstanceConnect - DEBUG - Deleting the private key file: /var/folders/x9/qblbrv210894j9448_nkzf900000gn/T/tmpdhvvdwwb

q42jaap commented 1 year ago

I have the same issue

vl-kp commented 1 year ago

same issue