Why am I receiving "imported-openssh-key" or "Putty Fatal Error" errors when connecting to my Amazon Elastic Compute Cloud (Amazon EC2) Linux instance?

4 minute read
1

I'm receiving "imported-openssh-key" or "Putty Fatal Error" errors when connecting to my Amazon Elastic Compute Cloud (Amazon EC2) Linux instance.

Short description

When connecting to my Linux instance using SSH, I receive an error similar to the following:

Using username "root". Authentication with public key "imported-openssh-key" Please login as the user "ec2-user" rather than the user "root".

-or-

When using the PuTTY client, I receive an error similar to the following:

PuTTY Fatal Error: Disconnected: No supported authentication methods available (server sent: publickey) OK

These errors might occur under the following circumstances:

  • You're not connecting with the appropriate user name for your AMI when you negotiate an SSH session with an EC2 instance.
  • You're using the wrong private key when you negotiate an SSH session with an EC2 instance.

Resolution

Verify that you're connecting with the correct user name

On your local machine, verify that you're connecting with an appropriate user name. For a complete list of appropriate user names, see Troubleshoot connecting to your instance.

Verify that the private key is correct

1.    Open the Amazon EC2 console, and then choose Instances.

2.    Find the EC2 instance that you want to connect to using SSH.

3.    In the Key Name column, verify the name of the private key that you're using to connect through SSH:

PuTTY

Verify that the SSH private key matches the private key you see in the Key Name column for your EC2 instance in the console.

Verify that you converted your private key (.pem) file to the format recognized by PuTTY (.ppk). For more information, see Convert your private key using PuTTYgen.

macOS or Linux

Run the following command to make sure that you changed the permissions on your key pair file so that only you can view it:

$ chmod 400 my-key-pair.pem

Check the directory and file name that you specify after the -i flag to make sure that it's the correct path to your private key, as shown in the following example command:

$ ssh -i my-key-pair.pem ec2-user@52.4.XX.XX

Use the EC2 serial console

If you turned on the EC2 Serial Console for Linux, you can use it to troubleshoot supported Nitro-based instance types and bare metal instances. You can access the Amazon EC2 console or the AWS Command Line Interface (AWS CLI). You don't need a working connection to connect to your instance when you use the EC2 Serial console.

Note: If you haven't previously used the EC2 Serial Console, make sure that you review prerequisites and configure access before trying to connect.

1.    Open the Amazon EC2 console.

2.    Choose Instances.

3.    Select the instance, then choose Actions, Monitor and troubleshoot, EC2 Serial Console, Connect.

-or-

Select the instance, then choose Connect,EC2 Serial Console, Connect.

An in-browser terminal window opens.

4.    Press Enter. If you're connected to the serial console, then a login prompt returns. If the screen remains black, you can use the following information to help resolve issues with connecting to the serial console:

5.    At the login prompt, enter the user name of the password-based user that you set up previously, and then press Enter.

6.    At the Password prompt, enter the password, and then press Enter.

You are now logged onto the instance and can use the serial console for troubleshooting.

You can also connect using your own key and an SSH client.

For more information on using the EC2 Serial Console, see Connect to the EC2 Serial Console.

Related information

Why can't I connect to my Amazon EC2 Linux instance using SSH?

How can I troubleshoot connecting to my Amazon EC2 Linux instance using SSH

Amazon EC2 key pairs and Windows instances

AWS OFFICIAL
AWS OFFICIALUpdated a year ago