I spent 3 hours staring at this error my first week with AWS:
"Permission denied (publickey)"
My EC2 instance was running. My terminal was open. I'd followed a tutorial step by step. And still — nothing.
Here are the 5 things that were wrong (and how I fixed each one):
- Wrong .pem file
I had downloaded the key pair but was pointing to the wrong file path in my command. Sounds obvious. When you're new, it's not.
Fix: always use the full absolute path.
ssh -i ~/Downloads/my-key.pem ec2-user@
- Wrong username
Different AMIs use different default usernames. I kept typing "ubuntu" on an Amazon Linux instance.
Amazon Linux → ec2-user
Ubuntu → ubuntu
RHEL → ec2-user or root
Debian → admin
This one catches almost everyone.
- .pem file permissions too open
SSH refuses to use a key file that other users can read.
Fix: chmod 400 my-key.pem
Run that once and you'll never see "WARNING: UNPROTECTED PRIVATE KEY FILE!" again.
- Security group blocking port 22
I'd launched the instance but never added an inbound rule for SSH. The connection wasn't being refused — it was being silently dropped at the firewall level.
Fix: go to EC2 → Security Groups → Inbound Rules → add SSH (port 22) from your IP. Not 0.0.0.0/0 — just your IP. Keep it tight.
- Using the wrong IP
I was copying the Private IP from the console instead of the Public IPv4 address. Private IPs only work if you're inside the same VPC.
Fix: use the Public IPv4 DNS or Public IP shown in the instance details.
The honest truth: none of these errors showed up in the tutorial I was following. Tutorials show the happy path. Real learning happens when something breaks and you have to figure out why.
If you've hit any of these — you're not alone. Every person working in cloud has been here.
Which one got you the longest? Drop it in the comments.
Top comments (0)