“Server Refused our key” error when accessing Amazon EC2 instance

by Alexander WeiƟ

Today I wnated to change the security group settings on my Amazon EC2 instance. First I had to stop the nstance, because you can’t change the security group while the instance is running. After that I changed the security group and started the instance. Everything was normal until I tried to ssh to my instance. […]

Today I wnated to change the security group settings on my Amazon EC2 instance. First I had to stop the nstance, because you can’t change the security group while the instance is running. After that I changed the security group and started the instance. Everything was normal until I tried to ssh to my instance. Instead of a shell Putty displayed the error “server refused our key”.
Hmm, okay… maybe something is wrong with this account, I thought, and so I tried another account. But I got the same error. Now I had a serious problem: The server only had these two accounts and therfore I was locked out of my own server.

But thanks to the flexibilty that Amazon cloud services are offering, this was just a minor problem. After half an hour everything was fixed. Here’s a solution for the “server refused our key” error:

First I had to get access to the ssh configuration files. Tp achieve this I just had to mount the volume to another server:

  1. Stop the instance (I’ll call it instance A)
  2. Detach the root EBS volume from instance A, usually its device name is /dev/sda1
  3. Launch a micro Linux instance B, in the same availability zone
  4. Attach the previously detached volume A to the new instance B as device /dev/sdf
  5. Login to the new instance B, create a directory /mnt/volumeA and mount the volume A to this directory: sudo mount /dev/sdf /mnt/volumeA

As I didn’t want to use the old keys I generated a new pair and installed them:

  1. ssh-keygen -f new_key
  2. Add the new key for user ubuntu: cat new_key.pub >> /mnt/volumeA/home/ubuntu/.ssh/authorized_keys
  3. Copy the private key (new_key) to your client

Last but not least I had to reconstruct the previous state:

  1. Unmount the volume: sudo umount /mnt/volumeA
  2. Detach volume A from the new instance B
  3. Attach volume A to instance A as device /dev/sda1
  4. Start instance A
  5. If you have an Elastic IP associate it with instance A
  6. If everything works as intented terminate instance B
VN:F [1.9.22_1171]
Rating: 9.0/10 (3 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)
"Server Refused our key" error when accessing Amazon EC2 instance, 9.0 out of 10 based on 3 ratings