0

Just to clarify: the error I'm getting is not related with ssh files permissions. I'm not getting an error related with permissions.

I've the following ~/.ssh/config file

Host git-codecommit.*.amazonaws.com
  User APKAIxxxxxxxxxxxxxxx
  IdentityFile ~/.ssh/id_rsa

config and id_rsa files have the following permissions

-rw------- 1 jmsanzg jmsanzg   93 jun 24 16:23 config
-rw------- 1 jmsanzg jmsanzg 1679 abr 26  2015 id_rsa
-rw-r--r-- 1 jmsanzg jmsanzg  396 abr 26  2015 id_rsa.pub

.ssh directory has the following permissions

drwx------  2 jmsanzg jmsanzg      4096 jun 24 16:23 .ssh

If I execute ssh forcing it to use the certificate and then it works

jmsanzg@jmsanz:~$ ssh -i ~/.ssh/id_rsa [email protected]
You have successfully authenticated over SSH. You can use Git to interact with AWS CodeCommit. Interactive shells are not supported.Connection to git-codecommit.us-east-2.amazonaws.com closed by remote host.
Connection to git-codecommit.us-east-2.amazonaws.com closed.

But whenever I try to execute it directly trying to use the config file it fails

jmsanzg@jmsanz:~$ ssh git-codecommit.us-east-2.amazonaws.com
Permission denied (publickey).

Also if I set the user, just making tries to find why it fails, well, it fails too

jmsanzg@jmsanz:~$ ssh [email protected]
Permission denied (publickey).

This is driving me crazy because it worked like a charm since 2015 and yesterday sudendly stopped working without making (I think so) any change. I've tried the -v parameter on both and I cannot see any specific difference. Just at the end, the command line offers the RSA public key

debug1: Authentications that can continue: publickey
debug1: Offering RSA public key: /home/jmsanzg/.ssh/id_rsa
debug1: Server accepts key: pkalg rsa-sha2-256 blen 279
debug1: Authentication succeeded (publickey).

while the other command line that should use the config file is not offering the file /home/jmsanzg/.ssh/id_rsa

debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).

EDIT To make things more interesting. I've copied config, id_rsa and id_rsa.pub files to another computer. Gave the same permissions and...they work both ways, using config and with the full command line.

Improve this question
2
  • Try two -v parameters, or three. Try also the -G option (if your SSH client is new enough) to check if the configuration is being read.
    – grawity_u1686
    Commented Jun 24, 2022 at 17:28
  • @user1686 The configuration is being read because one of the outputs is debug1: Authenticating to git-codecommit.us-east-2.amazonaws.com:22 as 'APKAxxxxxxxxxxxxxxxx'
    – JoséMi
    Commented Jun 24, 2022 at 19:41

1 Answer 1

Reset to default
1

I had the same problem, ec2 and everything. When running ssh host-name -v I'd get connection timed out. I tried:

  • opening permissions on ec2 ssh inbound
  • opening chmod permissions on .pem (can't do that, must be 400)
  • simplifying key name

Finally, I just double checked my HostName and it was the wrong ec2 instance. Also, there are multiple .ssh/config locations:

  • /etc/ssh/ssh_config
  • ~/.ssh/config

Mine is working now with correct ec2 instance:

  • cwd = ~
  • config loc = ~/.ssh/config
  • config file
Host terraria
    HostName "###-###-##-##-###.compute-1.amazonaws.com"
    User ubuntu
    IdentityFile ~/.ssh/"Terraria Key.pem"
  • ssh terraria
Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .