Server refused our key aws error | Arkit
While logging in to an AWS Linux EC2 instance, I was getting the error “Server refused our key”. How can this be resolved? AWS has published an article that shows how to resolve the issue, but it did not resolve it for me because my scenario is different.
Server refused our key AWS Login issue
In my environment, Linux users' home directories are located at /data/usershome/USERNAME. We have only one key-based login, the default ec2-user; no other users have SSH login access.
One of the users in the development team changed the user home directory permissions to 777.
The AWS knowledge base article did not resolve the issue; here is what we did to resolve it.
Go to EC2 -> select the instance that has the SSH login issue. In the Description tab, select Root device and note down the EBS ID.
Stop the instance and go to Elastic Block Store -> Volumes -> search for the volume ID -> click Actions -> Detach Volume (the EBS volume state will become Available).
Create one more EC2 instance with the same OS as the current EC2 instance (note down the virtual machine ID).
Now click Actions again -> Attach Volume -> select the newly created EC2 instance.
Log in to the newly created EC2 instance, then mount the newly attached disk at any mount point (example: /mnt).
Now replace the contents of /data/usershome/USERNAME/.ssh/authorized_keys with the current SSH key. Change file and directory permissions appropriately (chown -R USERNAME:USERNAME /data/usershome/USERNAME; chmod 600 /data/usershome/USERNAME/.ssh/authorized_keys).
Note: To find the exact user home path, check the /mnt/etc/passwd file (/mnt is the mount point).
If your users' home path is on a different EBS volume, then change the /root/.ssh/authorized_keys file with the current SSH key. You will get direct root user access. This option is very dangerous; after completing your work, delete the SSH key from the root user's .ssh path.
Detach the EBS volume from the newly created EC2 instance and attach it back to the original EC2 instance with the exact device name (example: /dev/sda1).
Start the EC2 instance and use it.
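The permission repair from the steps above, as a script to run on the rescue instance while the volume is mounted (an added example, not from the original article or from AWS). The function name fix_ssh_perms and its two arguments are assumptions. It reads the UID, GID and home path from the mounted volume's etc/passwd, uses numeric IDs because USERNAME may not exist on the rescue instance, and clears the group/other write bits on the home directory that sshd's StrictModes check rejects.

```bash
#!/usr/bin/env bash
# Added example: repair the ownership and modes that sshd checks before it
# accepts authorized_keys, on a root volume mounted on a rescue instance.

# fix_ssh_perms MOUNT USER   (hypothetical helper)
#   MOUNT: where the detached volume is mounted, e.g. /mnt
#   USER : login name to repair, e.g. ec2-user
fix_ssh_perms() {
    local mnt=${1%/} user=$2 entry uid gid home target
    # Look the user up in the *mounted* passwd file, not the rescue host's.
    entry=$(awk -F: -v u="$user" '$1 == u { print $3 ":" $4 ":" $6 }' "$mnt/etc/passwd")
    [ -n "$entry" ] || { echo "user $user not found in $mnt/etc/passwd" >&2; return 1; }
    IFS=: read -r uid gid home <<EOF
$entry
EOF
    target="$mnt$home"
    [ -d "$target/.ssh" ] || { echo "missing $target/.ssh" >&2; return 1; }
    # Numeric IDs: the name may be absent or map to another UID on this host.
    chown "$uid:$gid" "$target" || return 1
    chown -R "$uid:$gid" "$target/.ssh" || return 1
    chmod go-w "$target"        # 777 becomes 755; other bits are left alone
    chmod 700 "$target/.ssh"
    chmod 600 "$target/.ssh/authorized_keys"
}

# Run directly as: sudo ./fix_ssh_perms.sh /mnt ec2-user
if [ "$#" -eq 2 ]; then
    fix_ssh_perms "$@"
fi
```

Run it after writing the key into authorized_keys and before detaching the volume.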
Good Luck..!!