Warning Unprotected Private Key File AWS EC2 Error [Solved]

Borislav Hadzhiev

Last updated: Feb 26, 2024
2 min


# Warning Unprotected Private Key File AWS EC2 Error

The reason the "Warning: Unprotected Private Key File" AWS error occurs is because we're trying to SSH into an EC2 instance using a private key that allows read access to other users.

unprotected private key file error

A private key must only be readable by your user on the machine in order to allow you to SSH into an EC2 instance.

In order to solve the "Warning: Unprotected Private Key File" error in AWS EC2, update the permissions of the private key file to only allow read access from the current user, e.g. chmod 600 ec2-private-key.pem.

Open your terminal in the directory where your private key is located and run the chmod command.

chmod 600 ec2-private-key.pem

Now, try to ssh into the EC2 instance again.

For Amazon Linux instances the command looks as follows.

ssh -i "ec2-private-key.pem" ec2-user@YOUR_EC2_PUBLIC_DNS

If you still get the error, try changing the permissions of the directory that contains the private key.

For example, if you store your keys in a directory called ec2, you would issue the following command.

chmod 755 ./ec2
When trying to SSH into the instance, make sure your terminal is located in the directory where your ec2-private-key.pem file is stored, otherwise, you might get a permission denied error because the file could not be found.

Lastly, make sure you're using the correct SSH command.

The username varies between the different Amazon machine images (e.g. ubuntu or ec2-user).

To get the correct SSH command for your EC2 instance:

  1. In the EC2 console, click on the checkbox next to your instance's name.
  2. Click on Actions and select Connect.
  3. Click on the SSH client tab and copy the example ssh command.

copy ssh command

An easy way to find the username for your AMI is to try to log in as root and read the error message:

ssh -i "ec2-private-key.pem" root@YOUR_EC2_PUBLIC_DNS

try login as root

The error message shows the username we should specify to SSH into the EC2 instance - in this case ec2-user.

Therefore our SSH command should look as follows:

ssh -i "ec2-private-key.pem" ec2-user@YOUR_EC2_PUBLIC_DNS

# Additional Resources

You can learn more about the related topics by checking out the following tutorials:

I wrote a book in which I share everything I know about how to become a better, more efficient programmer.
book cover
You can use the search field on my Home Page to filter through all of my articles.