I accidentally changed the permissions of .ssh directory and everything inside of it to 777 in my ec2 instance as ec2-user (root) and logged out of the instance. Now I cannot ssh into my instance since the permissions are too open. Is there anything I can do without creating a new instance? I have access to other users in the same instance.
Accidentally changed the permissons of .ssh and now cannot access ec2 instance
34 Views Asked by smgtkn At
2
There are 2 best solutions below
0
Ananth Tirumanur
On
Did you try to use AWS Systems Manager (SSM) to access the instance and fix the permissions
Try detaching the root EBS volume from this instance and attaching it to another instance as a secondary volume. You could then correct the permissions directly from the other instance.
if you have another user with sudo privileges, login with that user - let's say ec2-user and do the below steps these should help
sudo su chmod 700 /home/ec2-user/.ssh # Fix permissions chmod 600 /home/ec2-user/.ssh/* chmod 644 /home/ec2-user/.ssh/*.pub
Related Questions in AMAZON-WEB-SERVICES
- S3 integration testing
- How to get content of BLOCK types LAYOUT_TITLE, LAYOUT_SECTION_HEADER and LAYOUT_xx in Textract
- Error **net::ERR_CONNECTION_RESET** error while uploading files to AWS S3 using multipart upload and Pre-Signed URL
- Failed to connect to your instance after deploying mern app on aws ec2 instance when i try to access frontend
- AWS - Tab Schema Conversion don't show up after creating a Migration Project
- Unable to run Bash Script using AWS Custom Lambda Runtime
- Using Amazon managed Prometheus to get EC2 metrics data in Grafana
- AWS Dns record A not navigate to elb
- Connection timed out error with smtp.gmail.com
- AWS Cognito Multi-tenant Integration | Ok to use Client’s Idp?
- Elasticbeanstalk FastAPI application is intermittently not responding to https requests
- Call an External API from AWS Lambda
- Why my mail service api spring isnt working?
- export 'AWSIoTProvider' (imported as 'AWSIoTProvider') was not found in '@aws-amplify/pubsub'
- How to take first x seconds of Audio from a wav file read from AWS S3 as binary stream using Python?
Related Questions in AMAZON-EC2
- Failed to connect to your instance after deploying mern app on aws ec2 instance when i try to access frontend
- Using Amazon managed Prometheus to get EC2 metrics data in Grafana
- Unable to ping remote websites from an ipV6 only ubuntu ec2 Instance
- Unable to install mysql on Amazon Linux 2023
- AWS Elastic Beanstalk - Deployment Issues with Flask backend (React frontend already deployed with S3 and Cloudfront)
- AWS ECS agent does not start in EC2 instance
- Moving a website from a subdomain to the domain root
- Switch to Cloudfront CDN causing issues for small number of users
- Selenium parser
- ReadTimeout error when downloading images on AWS EC2 but not locally
- Iam not able to login to bastion server-permission denied error
- No GPU EC2 instances associated with AWS Batch
- Django Deployment on AWS EC2 with Docker Compose: Seeking Advice on Security, Scalability, and Best Practices
- How to host a react and django application on ec2
- Connection services in different containers in the same ec2 instance
Related Questions in PUBLIC-KEY-ENCRYPTION
- Sign a PGP public key using a private key and password, then save the signed key to a file
- Probability of Brute-Forcing Matching Private Keys to Specific Public Addresses in Cryptocurrency?
- Accidentally changed the permissons of .ssh and now cannot access ec2 instance
- How do I port python2 code using RSA.importKey().decrypt() to python3?
- Evaluating a matrix-vector product with the CKKS scheme
- X509 Private Key Convert to pkcs1 possible?
- How to check whether age public key and private key couple with each other
- Consistent derivation of private key from PassKey?
- openssl encrpyt java decrypt
- browser extension for stored private/public key
- What's the deal with encapsulatedKey? In Apple's HPKE.Ciphersuite.P521_SHA512_AES_GCM_256 Is this sensitive data?
- How to recovery the publicKey with "js-ethereum-cryptography" version 2.0?
- Hybrid Public Key Encryption (HPKE) with deterministically generated key pairs using Tink
- how to pass location of private key kept at resources folder at application properties in spring boot?
- Why do RSA keys look like they do?
Related Questions in PEM
- Verifying XML Signature in Powershell with PEM Certificate
- Get SHA1 sign of string with DSA private key from PEM file
- How to extract public-key from PEM certificate in hexadecimal format
- How can I decrypt data in chunks in c# using a private key after encrypting in php using a public key?
- How to read an RSA public key from a its PEM format string using the OpenSSL API?
- Encrypt in C# && Decrypt in PHP using PEM file
- PEM to PublicKey in Android
- How to compare X509 certificate object with another .pem extension certificate
- getting error while trying to convert pfx without password to jks
- How to Create a PEM File from Windows
- how to generate public and private key in PEM format
- Parsing a PEM key in C without extra libraries
- how to generate public/private key pair with like below in ios, swift
- Don't get any push notifications after changing to another apple account
- NGINX HTTPS Server barfing on .crt and .key files
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
If you've got another user with SSH access to the instance you can log in using that user account.
Note if the permissions issue only affects the
ec2-useraccount, you can log in with the other user and should be able to fix the permissions.Also note you can use the EC2 Serial Console to troubleshoot issues with your instance, even if you can't SSH into it.