How to verify the private key I have matches AWS keypair?

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
2
down vote

favorite












My AWS instance says it is configured to use the only keypair I have on my account and it has a fingerprint in the format of:



3c:64:a7:85:53:3f:81:1c:24:5a:d2:6a:5b:76:47:da:f3:14:63:88



I have a key.pem file on my computer. How do I verify that this pem file matches up with the above key-pair fingerprint provided by AWS?



I have attempted the following:
ssh-keygen -lf key.pem



That outputs something in this format:
2048 SHA256:TpL6i8y1uCd26IUVVc5UHFluP7GLKD/T3O1+K4Pc0qg no comment (RSA)



The encoding scheme is different, I am not able to tell if they are equivalent.



I am trying to debug why I am unable to ssh into my instance with this key, this is the first step I am trying.










share|improve this question





















  • Try logging into an instance with the certificate
    – Tim
    1 hour ago










  • Hey Tim, like I mentioned, I am unable to ssh into the instance. Unless you mean something different?
    – Display Name
    1 hour ago














up vote
2
down vote

favorite












My AWS instance says it is configured to use the only keypair I have on my account and it has a fingerprint in the format of:



3c:64:a7:85:53:3f:81:1c:24:5a:d2:6a:5b:76:47:da:f3:14:63:88



I have a key.pem file on my computer. How do I verify that this pem file matches up with the above key-pair fingerprint provided by AWS?



I have attempted the following:
ssh-keygen -lf key.pem



That outputs something in this format:
2048 SHA256:TpL6i8y1uCd26IUVVc5UHFluP7GLKD/T3O1+K4Pc0qg no comment (RSA)



The encoding scheme is different, I am not able to tell if they are equivalent.



I am trying to debug why I am unable to ssh into my instance with this key, this is the first step I am trying.










share|improve this question





















  • Try logging into an instance with the certificate
    – Tim
    1 hour ago










  • Hey Tim, like I mentioned, I am unable to ssh into the instance. Unless you mean something different?
    – Display Name
    1 hour ago












up vote
2
down vote

favorite









up vote
2
down vote

favorite











My AWS instance says it is configured to use the only keypair I have on my account and it has a fingerprint in the format of:



3c:64:a7:85:53:3f:81:1c:24:5a:d2:6a:5b:76:47:da:f3:14:63:88



I have a key.pem file on my computer. How do I verify that this pem file matches up with the above key-pair fingerprint provided by AWS?



I have attempted the following:
ssh-keygen -lf key.pem



That outputs something in this format:
2048 SHA256:TpL6i8y1uCd26IUVVc5UHFluP7GLKD/T3O1+K4Pc0qg no comment (RSA)



The encoding scheme is different, I am not able to tell if they are equivalent.



I am trying to debug why I am unable to ssh into my instance with this key, this is the first step I am trying.










share|improve this question













My AWS instance says it is configured to use the only keypair I have on my account and it has a fingerprint in the format of:



3c:64:a7:85:53:3f:81:1c:24:5a:d2:6a:5b:76:47:da:f3:14:63:88



I have a key.pem file on my computer. How do I verify that this pem file matches up with the above key-pair fingerprint provided by AWS?



I have attempted the following:
ssh-keygen -lf key.pem



That outputs something in this format:
2048 SHA256:TpL6i8y1uCd26IUVVc5UHFluP7GLKD/T3O1+K4Pc0qg no comment (RSA)



The encoding scheme is different, I am not able to tell if they are equivalent.



I am trying to debug why I am unable to ssh into my instance with this key, this is the first step I am trying.







amazon-web-services ssh-keygen






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked 1 hour ago









Display Name

13114




13114











  • Try logging into an instance with the certificate
    – Tim
    1 hour ago










  • Hey Tim, like I mentioned, I am unable to ssh into the instance. Unless you mean something different?
    – Display Name
    1 hour ago
















  • Try logging into an instance with the certificate
    – Tim
    1 hour ago










  • Hey Tim, like I mentioned, I am unable to ssh into the instance. Unless you mean something different?
    – Display Name
    1 hour ago















Try logging into an instance with the certificate
– Tim
1 hour ago




Try logging into an instance with the certificate
– Tim
1 hour ago












Hey Tim, like I mentioned, I am unable to ssh into the instance. Unless you mean something different?
– Display Name
1 hour ago




Hey Tim, like I mentioned, I am unable to ssh into the instance. Unless you mean something different?
– Display Name
1 hour ago










1 Answer
1






active

oldest

votes

















up vote
3
down vote













There are two methods, depending on how you created your SSH key as described in Verifying Your Key Pair's Fingerprint in AWS docs.



Here is my SSH key fingerprint in the console:



EC2 Key Pairs Screenshot



And here is how to get the same fingerprint from the command line:



~ $ openssl rsa -in ~/.ssh/aws-sandpit.pem -pubout -outform DER | openssl md5 -c
writing RSA key
(stdin)= ae:ae:56:84:f9:72:c4:d1:0a:b8:e9:3b:ab:d4:a7:00


If that doesn't match try this:



~ $ openssl pkcs8 -in path_to_private_key -inform PEM -outform DER -topk8 -nocrypt | openssl sha1 -c


Hope that helps :)






share|improve this answer




















    Your Answer







    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "2"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    convertImagesToLinks: true,
    noModals: false,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













     

    draft saved


    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f934413%2fhow-to-verify-the-private-key-i-have-matches-aws-keypair%23new-answer', 'question_page');

    );

    Post as a guest






























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes








    up vote
    3
    down vote













    There are two methods, depending on how you created your SSH key as described in Verifying Your Key Pair's Fingerprint in AWS docs.



    Here is my SSH key fingerprint in the console:



    EC2 Key Pairs Screenshot



    And here is how to get the same fingerprint from the command line:



    ~ $ openssl rsa -in ~/.ssh/aws-sandpit.pem -pubout -outform DER | openssl md5 -c
    writing RSA key
    (stdin)= ae:ae:56:84:f9:72:c4:d1:0a:b8:e9:3b:ab:d4:a7:00


    If that doesn't match try this:



    ~ $ openssl pkcs8 -in path_to_private_key -inform PEM -outform DER -topk8 -nocrypt | openssl sha1 -c


    Hope that helps :)






    share|improve this answer
























      up vote
      3
      down vote













      There are two methods, depending on how you created your SSH key as described in Verifying Your Key Pair's Fingerprint in AWS docs.



      Here is my SSH key fingerprint in the console:



      EC2 Key Pairs Screenshot



      And here is how to get the same fingerprint from the command line:



      ~ $ openssl rsa -in ~/.ssh/aws-sandpit.pem -pubout -outform DER | openssl md5 -c
      writing RSA key
      (stdin)= ae:ae:56:84:f9:72:c4:d1:0a:b8:e9:3b:ab:d4:a7:00


      If that doesn't match try this:



      ~ $ openssl pkcs8 -in path_to_private_key -inform PEM -outform DER -topk8 -nocrypt | openssl sha1 -c


      Hope that helps :)






      share|improve this answer






















        up vote
        3
        down vote










        up vote
        3
        down vote









        There are two methods, depending on how you created your SSH key as described in Verifying Your Key Pair's Fingerprint in AWS docs.



        Here is my SSH key fingerprint in the console:



        EC2 Key Pairs Screenshot



        And here is how to get the same fingerprint from the command line:



        ~ $ openssl rsa -in ~/.ssh/aws-sandpit.pem -pubout -outform DER | openssl md5 -c
        writing RSA key
        (stdin)= ae:ae:56:84:f9:72:c4:d1:0a:b8:e9:3b:ab:d4:a7:00


        If that doesn't match try this:



        ~ $ openssl pkcs8 -in path_to_private_key -inform PEM -outform DER -topk8 -nocrypt | openssl sha1 -c


        Hope that helps :)






        share|improve this answer












        There are two methods, depending on how you created your SSH key as described in Verifying Your Key Pair's Fingerprint in AWS docs.



        Here is my SSH key fingerprint in the console:



        EC2 Key Pairs Screenshot



        And here is how to get the same fingerprint from the command line:



        ~ $ openssl rsa -in ~/.ssh/aws-sandpit.pem -pubout -outform DER | openssl md5 -c
        writing RSA key
        (stdin)= ae:ae:56:84:f9:72:c4:d1:0a:b8:e9:3b:ab:d4:a7:00


        If that doesn't match try this:



        ~ $ openssl pkcs8 -in path_to_private_key -inform PEM -outform DER -topk8 -nocrypt | openssl sha1 -c


        Hope that helps :)







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered 1 hour ago









        MLu

        2,1231224




        2,1231224



























             

            draft saved


            draft discarded















































             


            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f934413%2fhow-to-verify-the-private-key-i-have-matches-aws-keypair%23new-answer', 'question_page');

            );

            Post as a guest













































































            Comments

            Popular posts from this blog

            What does second last employer means? [closed]

            Installing NextGIS Connect into QGIS 3?

            One-line joke