Why can't I ssh-copy-id to an EC2 instance?

Question

I have a ubuntu Natty instance on EC2, and I can SSH into it by

ssh -v -i ec2-keypair ubuntu@ubuntu@XXXX.compute-1.amazonaws.com

But I'd like to set up password less sshing. So I tried these options and nothing is working:

 $ ssh-copy-id -i ~/.ssh/id_rsa.pub ubuntu@XXXX.compute-1.amazonaws.com
Permission denied (publickey).

 $ ssh-copy-id -i ~/.ssh/ec2-keypair ubuntu@XXXX.compute-1.amazonaws.com
/usr/bin/ssh-copy-id: ERROR: No identities found

 $ ssh-copy-id -i ~/.ssh/id_rsa.pub root@XXXX.compute-1.amazonaws.com
Permission denied (publickey).

Answer 1

I needed to run

ssh-add ~/.ssh/ec2-keypair

Answer 2

Just do:

scp -i ec2-keypair ~/.ssh/id_rsa.pub ubuntu@XXXX.compute-1.amazonaws.com:~/

Then

ssh -i ec2-keypair ubuntu@XXXX.compute-1.amazonaws.com

And when you logged in:

cat id_rsa.pub >> .ssh/authorized_keys
rm id_rsa.pub
exit

Now you can log with

ssh ubuntu@XXXX.compute-1.amazonaws.com

Answer 3

It seems like ssh-copy-id is confused about connecting with a key in order to copy another key.

My solution:

ssh-copy-id -f "-o IdentityFile ec2-keypair.pem" ubuntu@XXXX.compute-1.amazonaws.com

Breakdown:

• -o IdentityFile ec2-keypair.pem: I'm using a "raw" ssh option to connect using the AWS-generated key.
• -f: ssh-copy-id tries to copy the AWS-generated key again, so force mode is necessary to copy the other key.

Answer 4

I had the same problem: ssh-copy-id gives the error Permission denied (publickey) on an AWS EC2 instance. I was sure that I set all the permissions correctly using chmod.

In addition, I needed to change this line in /etc/ssh/sshd_config from

PasswordAuthentication no

to

PasswordAuthentication yes

I guess that's because ssh-copy-id asks for your password.

Then the error disappeared.