Warning Unprotected Private Key File AWS EC2 Error


Borislav Hadzhiev

Last updated: Jul 25, 2022


The "Warning: Unprotected Private Key File" AWS error occurs when we try to SSH into an EC2 instance using a private key file whose permissions allow other users to read it.


A private key must only be readable by your user on the machine in order to allow you to SSH into an EC2 instance.

To solve the "Warning: Unprotected Private Key File" error in AWS EC2, update the permissions of the private key file so that only the current user can read and write it, e.g. chmod 600 ec2-private-key.pem.

Open your terminal in the directory where your private key is located and run the chmod command.

shell
chmod 600 ec2-private-key.pem

Now try to SSH into the EC2 instance again. For Amazon Linux instances the command looks like:

shell
ssh -i "ec2-private-key.pem" ec2-user@YOUR_EC2_PUBLIC_DNS

If you still get the error, try changing the permissions of the directory that contains the private key. For example, if you store your keys in a directory called ec2, you would do:

shell
chmod 755 ./ec2

When you SSH into the instance, make sure your terminal is in the directory where your ec2-private-key.pem file is stored. Otherwise, you might get a permission denied error because the file could not be found.
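To find every key file that would trigger this warning before you connect, the script below checks that no group or other permission bits are set on each file and, with FIX=1, applies the same chmod 600 shown above. It is an added example, not part of the original article; the function names and the FIX variable are its own.

```shell
#!/bin/sh
# Audit private key files for the condition behind the
# "Unprotected Private Key File" warning: any permission bit
# granted to group or other (mode & 077 != 0).
# Usage: sh audit-keys.sh ~/.ssh/*.pem    (FIX=1 to tighten to 600)

# Print the octal permission bits of a file.
# Tries GNU stat first, then BSD/macOS stat.
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null
}

# Return 0 when only the owner has any access to the file.
key_is_private() {
    mode=$(file_mode "$1") || return 2
    # The leading 0 makes the shell read the mode as octal.
    [ $(( 0$mode & 077 )) -eq 0 ]
}

# Report each key; count the ones that are missing or too open.
audit_keys() {
    bad=0
    for key in "$@"; do
        if [ ! -f "$key" ]; then
            echo "MISSING  $key"
            bad=$((bad + 1))
        elif key_is_private "$key"; then
            echo "OK       $(file_mode "$key") $key"
        elif [ "${FIX:-0}" = 1 ]; then
            chmod 600 "$key" && echo "FIXED    $key -> 600"
        else
            echo "TOO OPEN $(file_mode "$key") $key"
            bad=$((bad + 1))
        fi
    done
    [ "$bad" -eq 0 ]
}

# Run the audit only when key paths were given on the command line.
if [ "$#" -gt 0 ]; then
    audit_keys "$@"
fi
```

The script exits non-zero when any key is missing or too open, so it can gate a deployment or login script.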

Lastly, make sure you're using the correct ssh command. The username varies between Amazon Machine Images (e.g. ubuntu or ec2-user).

To get the correct ssh command for your EC2 instance:

  1. In the EC2 console, click on the checkbox next to your instance's name
  2. Click on Actions and select Connect
  3. Click on the SSH client tab and copy the example ssh command


An easy way to find the username for your AMI is to try to log in as root and read the error message:

shell
ssh -i "ec2-private-key.pem" root@YOUR_EC2_PUBLIC_DNS


The error message shows the username we should specify to SSH into the EC2 instance - in this case ec2-user.

Therefore our SSH command should look like:

shell
ssh -i "ec2-private-key.pem" ec2-user@YOUR_EC2_PUBLIC_DNS
