I've set up a p4 server on AWS and it was running smoothly for quite a while. I followed a tutorial and saved my pem file securely. Now, out of nowhere, I can't ssh into my server anymore—I keep getting a 'Permission denied (publickey,gssapi-keyex,gssapi-with-mic)' error. I checked that my security group allows SSH connections from my IP, but even when I temporarily set it to allow all IPs, I still can't connect. I tried EC2 Instance Connect, but it says it failed to establish a connection, and I don't have the session manager set up either. I also tried creating a recovery instance to access the original volume and check the authorized_keys, but I got an error about unsupported instance configuration. What could be causing this issue, and what else can I check regarding permissions or the authorized_keys? Any suggestions would be greatly appreciated!
3 Answers
Double-check that you're logging in as the correct user. Sometimes it's as simple as using the wrong username, which could lead to those permission errors.
You might want to look into using SSM (Systems Manager) instead of SSH, if possible. It’s generally a better option for managing instances and doesn't rely on SSH access. It’s surprising how many people overlook it until they run into issues like this. How familiar are you with SSM?
Unfortunately, it sounds like your SSM Agent isn’t online, which means you won’t be able to use it without SSH access first to get it set up. It’s a tough situation.
Did you set up this instance yourself or use a marketplace AMI? If you have any EBS snapshots from when it was working, you could potentially recover from those. Also, do you have access to the EBS keys for the original volume? That might help you access it. If SSM was installed, you could have used the AWS CLI to run scripts without SSH.
Yeah, not having SSM is a setback. Keep hammering away at finding a way to access that instance; those keys could make a difference.
I used the Perforce CloudFormation Template to set it up. I think I tried to mount a volume from the AMI listed, but I ran into another error. I'm not sure about the EBS keys either, since I used a template. Seems like not having SSM installed is my main issue.
I had no idea about SSM until now! I’m diving into it, but is there a method to set up the SSM Agent if I can't SSH in right now?