When trying to SSH into a newly created Linux server, you might run into a common error like this:
$ ssh user@your-server-ip
The authenticity of host 'your-server-ip' can't be established.
ED25519 key fingerprint is SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.
Any other names do not know this key.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'your-server-ip' (ED25519) to the list of known hosts.
user@your-server-ip: Permission denied (publickey).
This error simply means: βSSH couldnβt find a valid key to authenticate you.β
β
What Actually Worked
Instead of using just:
ssh ubuntu@your-server-ip
You used the correct approach by providing the private key file:
ssh -i /path/to/your-key.pem ubuntu@your-server-ip
And this worked β because the server was expecting authentication via a specific private key (.pem file), not a default key from ~/.ssh/id_rsa.
π Why This Happens
Cloud providers (like AWS, Google Cloud, Azure, etc.) often use key-based authentication only for better security. When you create a VM or instance, youβre often required to either:
Upload your public key, or
Download a .pem file that matches the server's authorized key
If you try to SSH without specifying the .pem file, the SSH client defaults to using standard key files like ~/.ssh/id_rsa, which likely donβt match what the server expects.
π οΈ How to Avoid This in the Future
You can either:
Always specify the key manually with -i
OR
Add the key to your SSH agent so it's picked up automatically:
ssh-add /path/to/your-key.pem
π§ Pro Tip
Make sure your .pem file has the correct permissions:
chmod 600 your-key.pem
This keeps your key file secure and prevents SSH from refusing to use it.
Top comments (0)