How to Deal with the Imported-openssh-key or Putty Fatal Error?

How to Deal with the Imported-openssh-key or Putty Fatal Error?

When using AWS Elastic Compute Cloud (EC2), many users report getting the ‘imported-openssh-key’ error. The error persists even when you use the PuTTY client and you get the fatal error message. In this article, learn how to fix these errors.

What is the imported-openssh-key error?

When you try to connect to the Linux instance on AWS using SSH, you may receive the following message:

Code:
“Using username “root”. Authentication with public key “imported-openssh-key”
Please login as the user “ec2-user” rather than the user “root”.”
The same users get another error message when using the PuTTY client. The message looks like this:

Code:
“PuTTY Fatal Error: Disconnected: No supported authentication methods available (server sent: publickey) OK
The main reason why you may get this error are:
  • An incorrect user name was used for AMI when negotiating access with the EC2 instance via SSH
  • Or an incorrect private key was used during the process
Fixing this Error

You can fix this problem easily. Here are a few things you need to try:
  • Correct the inappropriate user name
The first thing you should do is fix the incorrect user name that you used during the SSH process. You have to either use the correct user name for that particular account or the default user name set for AMI.

The best option is to get the user name for that account. If you can’t get it, then use the following default user name for the AMI:

Code:
For Amazon Linux 2 or the Amazon Linux AMI: ec2-user.
For a CentOS AMI: centos.
For a Debian AMI: admin.
For a Fedora AMI: ec2-user or fedora.
For an RHEL AMI: ec2-user or root.
For a SUSE AMI: ec2-user or root.
For an Ubuntu AMI: ubuntu.
In case the ec-2 and root do not work, you have to check with the ANI provider for correct credentials.

Once obtained, use them to correct to the EC-2 instance.
  • Use correct private key
The next thing to do is correct the private key (if the first solution fails). Here are the steps involved:
  • Select instances from the EC2 console
  • Then, locate the particular EC2 instance to connect to
  • Look into the Key Name column and verify the private key name you used to connect through SSH
  • PuTTY - for users using PuTTY client, you need to make sure the private key of SSH is same as the one listed in the Key Name column. Also, you have to convert the private key file (which is in the .pem format) to a format that PuTTY recognizes (.ppk format)
  • macOS or Linux - Users on macOS or Linux have to change the permission on the key pair file with this command:
Code:
$ chmod 400 my-key-pair.pem
Also you have to ensure that the path to private key is accurate. For that you have to check the directory and file name you specify. Use this command by replacing relevant data:​

Code:
$ ssh -i my-key-pair.pem ec2-user@52.4.XX.XX
  • Using EC2 Serial Console
EC2 Serial Console is used to troubleshoot errors related to network configuration and SSH configuration. You can use the console to connect to the instance even without a network connection.

Access it from the Amazon EC2 Console or the AWS CLI. But you’d need to grant access to it before you use the console. So create the necessary AWS IAM policies to grant access to the IAM users.

So that’s how you deal with this error. For further assistance, contact the support team.
Author
kumkumsharma
Views
1,846
First release
Last update
Rating
0.00 star(s) 0 ratings

More resources from kumkumsharma

Top