0

I have a similar question to this other question, but the info provided doesn’t help me.

I set up a CentOS HVM instance on AWS to learn Linux. My initial (root?) account centos can log in fine using the initial key pair I created on AWS console. Using PuTTY (after PuTTYgen to generate the appropriate key format locally), on login I was presented with the key challenge and I elected "yes" to save it locally.

I don't know where the (separate) login challenge key is stored locally on my Windows laptop when I initially logged into the server using that account. It must be stored by username or Windows username. I only know where the PuTTYgen-converted PPK file is.

I created a second user on the Linux box ec2usr. I set its password using sudo passwd. I want to test this new account by logging in with it from PuTTY, but I get that same message - even though I directed PuTTY to the same PPK key file I'm using with my centos account login that works.

I have only created one key pair on AWS console.

I've tried loading the AWS console key pair fingerprint from that key pair into PuTTY, it still doesn't work.

When I attempt to login I never get a chance to save the challenge key - it should prompt me to do this and it doesn't. Why not?

Nothing out of the ordinary here - this is as basic as it gets. What am I missing?

If I'm using Pageant I don't know it, I doubt that I am.

1 Answer

0

PuTTY uses its own format; CentOS uses the OpenSSH key format.

Either way, you have to authorize the key you have for the ec2usr.

Having the same password as centos does not have anything to do with it.

You are using key based authentication only (password one is disabled in AWS by default).

To authorize a key, you have to put its public counterpart to <USER HOME DIR>/.ssh/authorized_keys.

If you've just created a user, it may not even have the .ssh directory.

The following creates it (provided that you're logged in under that user):

mkdir ~/.ssh
chmod 0700 ~/.ssh
touch ~/.ssh/authorized_keys
chmod 0600 ~/.ssh/authorized_keys

If you don't have at hand the public key (for adding to authorized_keys file), you can just copy it from /home/centos/.ssh/authorized_keys. It must be there, because your login to centos user works.

9
  • thanks! I created the account using a different password - but I haven't used it, as you point out it's key-based. I can't log in using that account, so how do I perform the above? I would have to do it as 'centos'. But you state I have to be logged in as that user. I thought centos as my initial account/user would have root privs, but I can't even cd into /home/ec2usr. I thought I would be prompted to save a (private?) key upon first login as a unique user, but obviously that didn't happen. In my prior experience with unix, this is all that was required...not sure why.
    – S M
    Commented Sep 12, 2019 at 14:50
  • I performed these commands as centos using sudo, but I still can't login as ec2usr. I copied my authorized_keys file from my .ssh folder to ec2usr's .ssh folder. But on attempted login I get "server refused our key".
    – S M
    Commented Sep 12, 2019 at 15:00
  • Those commands are to be run by user you want to login with. Run sudo -iu ec2usr to “become” that user while logged in to centos
    Commented Sep 12, 2019 at 15:04
  • Perhaps I should have edited the (what appeared as empty) authorized_keys file, instead of overwriting it with the one from the centos .ssh folder?
    – S M
    Commented Sep 12, 2019 at 15:08
  • just saw your response. so how do I undo what I've done and start over?
    – S M
    Commented Sep 12, 2019 at 15:09
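
The setup described in the answer and comments, as an added example (not code from the original posts): it installs a public key for another user from an admin account, appending rather than overwriting, then checks the modes and ownership the answer's commands establish. The function names, the demo directory and the key string are constructed; `stat -c` assumes GNU coreutils, as on CentOS.

```shell
#!/bin/sh
# Added example. The key string and demo directory are constructed placeholders.

# install_key HOME_DIR OWNER 'PUBLIC KEY LINE'
# Safe to run from an admin account (e.g. via sudo): it appends instead of
# overwriting, and hands the files to OWNER when running as root, because
# anything created through sudo otherwise stays owned by root.
install_key() {
    ik_ssh=$1/.ssh; ik_owner=$2; ik_key=$3
    mkdir -p "$ik_ssh"
    touch "$ik_ssh/authorized_keys"
    # Append only if this exact line is not already authorized.
    grep -qxF -- "$ik_key" "$ik_ssh/authorized_keys" ||
        printf '%s\n' "$ik_key" >> "$ik_ssh/authorized_keys"
    chmod 700 "$ik_ssh"
    chmod 600 "$ik_ssh/authorized_keys"
    if [ "$(id -u)" -eq 0 ]; then chown -R "$ik_owner" "$ik_ssh"; fi
}

# check_ssh_dir HOME_DIR OWNER
# Prints one line per problem; the exit status is the number of problems.
check_ssh_dir() {
    cs_home=$1
    cs_uid=$(id -u "$2" 2>/dev/null || echo "$2")   # accept a name or a uid
    cs_bad=0
    for cs_entry in ".ssh:700" ".ssh/authorized_keys:600"; do
        cs_path=$cs_home/${cs_entry%:*}; cs_want=${cs_entry#*:}
        if [ ! -e "$cs_path" ]; then
            echo "MISSING $cs_path"; cs_bad=$((cs_bad + 1)); continue
        fi
        set -- $(stat -c '%a %u' "$cs_path")        # GNU stat: mode, owner uid
        [ "$1" = "$cs_want" ] || { echo "MODE $cs_path is $1, want $cs_want"; cs_bad=$((cs_bad + 1)); }
        [ "$2" = "$cs_uid" ] || { echo "OWNER $cs_path is uid $2, want $cs_uid"; cs_bad=$((cs_bad + 1)); }
    done
    return "$cs_bad"
}

# Demo on a throwaway directory standing in for /home/ec2usr.
demo=$(mktemp -d)
install_key "$demo" "$(id -u)" 'ssh-ed25519 AAAAC3-constructed-example demo-key'
check_ssh_dir "$demo" "$(id -u)" && echo "ok: $demo/.ssh has the expected modes and owner"
rm -rf "$demo"
```

On the real host the calls would be run with sudo from the centos account, for example `install_key /home/ec2usr ec2usr "$(cat key.pub)"`, where `key.pub` is a placeholder for the public key file.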
