Score:1

Trying to connect to my EC2 instance with Ansible


I'm following the DigitalOcean guide to Ansible, which involves setting up my SSH key on the host I'll use: https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys-on-ubuntu-20-04

My Ansible host is my local WSL Ubuntu setup and my client is an AWS server.

I started step 1 and created an RSA key, myfirstkey.pub. Then I ran: `sudo ssh-copy-id -i ~/.ssh/myfirstkey.pub ~/.ssh/myhostkeyforaws.pub ec2-user@myfirsthost`

But I keep seeing this error:

```
my_user@DESKTOP:~/.ssh$ sudo ssh-copy-id -i ~/.ssh/myhostkeyforaws ec2-user@myfirsthost
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/my_user/.ssh/myhostkeyforaws.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
ec2-user@myfirsthost: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
```

I've been through a lot of help guides and I can't figure out what I'm doing wrong. How do I add an SSH key to an Amazon EC2 instance?

Score:1

Read AWS' documentation on how to add keys. AWS doesn't allow password authentication, so you will have to add the key as per AWS' documentation.

If you have no setup in the VM, it's probably easiest to delete it and start afresh - and pay attention to the choices you make as you create the VM. If you have configuration in it, AWS provides documentation on how to gain access to it, by attaching the storage to a different VM and manually editing it.

Second, don't prepend commands with sudo by default. There's no reason to run ssh-copy-id as root in your scenario.

Third, why do you want to have a custom filename for the key on your computer? That may make sense in some scenarios, but overall it will only make use more complex.

brassgoblin34
I set up the security rules to allow port 22. I used the custom file name because I don't know any better.
vidarlo
Yes, port 22 is allowed; `ssh-copy-id` can connect. It's not a firewall issue. But it has no authentication methods to use, as password authentication is disabled by default on AWS instances.
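
Added example, not part of the original thread: it reads the authentication methods out of the error line in the question, shows that no password method is offered, and installs a new key by logging in with one that is already authorized. It assumes the instance was launched with an EC2 key pair whose private key you hold (`LAUNCH_KEY` and its path are placeholders); the function names and the `SSH_COPY_ID` dry-run override are hypothetical.

```shell
#!/bin/sh
# Added example. Host and key names come from the question; LAUNCH_KEY is an
# assumed, already-authorized EC2 key pair file (placeholder path).

# Print the authentication methods the server offered, one per line.
# $1: the "Permission denied (...)" line printed by ssh / ssh-copy-id.
offered_methods() {
    printf '%s\n' "$1" |
        sed -n 's/.*Permission denied (\([^)]*\)).*/\1/p' | tr ',' '\n'
}

# Exit 0 only if the server would accept an interactive password, which is
# what ssh-copy-id relies on when none of your keys is authorized yet.
password_login_offered() {
    offered_methods "$1" | grep -qxE 'password|keyboard-interactive'
}

# Install a new public key by logging in with a key that already works.
# $1 new public key, $2 already-authorized private key, $3 user@host.
# -f skips ssh-copy-id's "already installed?" probe, which can succeed via
# the existing key and cause the new key to be skipped.
# SSH_COPY_ID can be set to echo for a dry run that prints the arguments.
install_key_with_existing() {
    [ -n "$1" ] && [ -n "$2" ] && [ -n "$3" ] || return 2
    "${SSH_COPY_ID:-ssh-copy-id}" -f -i "$1" -o "IdentityFile=$2" "$3"
}

# Constructed sample: the error line from the question.
err='ec2-user@myfirsthost: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).'

if password_login_offered "$err"; then
    echo "password login offered: plain ssh-copy-id can prompt for it"
else
    echo "no password method offered; ssh-copy-id arguments using an existing key:"
    SSH_COPY_ID=echo install_key_with_existing \
        "$HOME/.ssh/myhostkeyforaws.pub" \
        "${LAUNCH_KEY:-/path/to/launch-key.pem}" \
        ec2-user@myfirsthost
fi
```

Unset `SSH_COPY_ID` to run the real command, and run it as your own user rather than with sudo so the key paths resolve to your home directory.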