By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

Why do I receive the errors "imported-openssh-key" or "PuTTY Fatal Error" when I connect to my Amazon EC2 Linux instance?

4 minute read
1

When I connect to my Amazon Elastic Compute Cloud (Amazon EC2) Linux instance, I receive the errors "imported-openssh-key" or "PuTTY Fatal Error."

Short description

When you connect to your Linux instance with SSH, you receive the following error:

Using username "root". Authentication with public key "imported-openssh-key" Please login as the user "ec2-user" rather than the user "root".

-or-

When you connect to your Linux instance with the PuTTY client, you receive the following error:

PuTTY Fatal Error: Disconnected: No supported authentication methods available (server sent: publickey) OK

These errors occur under the following circumstances:

  • You didn't connect with the appropriate username for your AMI when you negotiate an SSH session with an Amazon EC2 instance.
  • You use the wrong private key when you negotiate an SSH session with an EC2 instance.

Resolution

Note: If you receive errors when you run AWS Command Line Interface (AWS CLI) commands, then see Troubleshoot AWS CLI errors. Also, make sure that you're using the most recent AWS CLI version.

Verify that you connect with the correct username

On your local machine, verify that you connect with an appropriate username. For a complete list of appropriate usernames, see Common causes for connection issues.

Verify that the private key is correct

Complete the following steps:

  1. Open the Amazon EC2 console, and then choose Instances.
  2. Find the EC2 instance that you want to connect to through SSH.
  3. In the Key Name column, verify the name of the private key that you use to connect through SSH:

PuTTY

Verify that the SSH private key matches the private key you see in the Key Name column for your EC2 instance in the console.

Verify that you converted your private key (.pem) file to the format recognized by PuTTY (.ppk). For more information, see Convert your private key using PuTTYgen.

macOS or Linux

To confirm that you changed the permissions on your key pair file so that only you can view it, run the following command:

$ chmod 400 my-key-pair.pem

Check the directory and file name that you specify after the -i flag. Make sure that it's the correct path to your private key, as shown in the following example command:

$ ssh -i /path/key-pair-name.pem 'instance-user-name'@'instance-public-dns-name'

Also, you can connect with your own key and an SSH client. For more information see, Connect to your Linux instance using an SSH client.

Use the EC2 serial console

If you turned on the EC2 serial console for Linux, you can use it to troubleshoot supported Nitro-based instance types and bare metal instances. You can access the Amazon EC2 console or the AWS CLI. You don't need an active connection to connect to your instance when you use the EC2 serial console.

Note: If you haven't previously used the EC2 serial console, make sure that you review prerequisites and configure access before you try to connect.

Complete the following steps:

  1. Open the Amazon EC2 console.
  2. Choose Instances.
  3. Select the instance, then choose Actions, and then choose Monitor and troubleshoot.
  4. Select EC2 serial console and then choose Connect.

-or-

Complete the following steps:

  1. Select the instance, then choose Connect.
  2. Choose EC2 Serial Console and then choose Connect.
  3. An in-browser terminal window opens. Press Enter.
    If you're connected to the serial console, then a login prompt returns.
    If the screen remains black, use the following information to resolve connection issues:
    Check that you have configured access to the serial console. For more information, see Configure access to the EC2 serial console.
    Use SysRq to connect to the serial console. SysRq does not require that you connect through the browser-based client. For more information, see Troubleshoot your Amazon EC2 instance using the EC2 serial console.
    Restart getty. If you have SSH access to your instance, then connect to your instance through SSH, and run the following command to restart getty. 
    [ec2-user ~]$ sudo systemctl restart serial-getty@ttyS0
    Reboot your instance. You can reboot your instance with SysRq, the EC2 console, or the AWS CLI. For more information, see Reboot your instance.
  4. At the login prompt, enter the username of the password-based user that you set up previously, and then press Enter.
  5. At the Password prompt, enter the password, and then press Enter.

You are now logged in to the instance and can use the serial console for troubleshooting.

Related information

Connect to the EC2 serial console

How can I troubleshoot connecting to my Amazon EC2 Linux instance using SSH?

Troubleshoot issues connecting to your Amazon EC2 Linux instance

Amazon EC2 key pairs and Amazon EC2 instances

Topics
Compute
Tags
Amazon EC2Linux
Language
English

Related videos

Watch Raghavendra’s video to learn more (4:41)
Watch Raghavendra’s video to learn more (4:41)
AWS OFFICIAL
AWS OFFICIALUpdated 9 months ago
No comments

Relevant content