Here's the Terraform snippet:

    resource "aws_security_group" "ec2_sg" {
      name   = "ec2-access"
      vpc_id = aws_vpc.main.id

      ingress {
        from_port   = 22
        to_port     = 22
        protocol    = "tcp"
        cidr_blocks = ["0.0.0.0/0"] # Allow SSH from anywhere (adjust for security)
      }

      egress {
        from_port   = 0
        to_port     = 0
        protocol    = "-1"
        cidr_blocks = ["0.0.0.0/0"] # Allow all outbound traffic (adjust for security)
      }
    }

    resource "aws_key_pair" "ssh-key" {
      key_name   = "ssh-key"
      public_key = "ssh-rsa AAAAB3NzaC1..."
    }

    # EC2 Instance in Public Subnet
    resource "aws_instance" "ec2" {
      ami           = "ami-04b70fa74e45c3917" # Noble Numbat 24.04 LTS
      instance_type = "t2.micro"
      subnet_id     = aws_subnet.public.id
      # In a VPC, security group IDs belong in vpc_security_group_ids
      vpc_security_group_ids      = [aws_security_group.ec2_sg.id]
      associate_public_ip_address = true
      # Reference the resource so the key pair is created before the instance
      key_name = aws_key_pair.ssh-key.key_name
    }

And the terraform apply command creates the EC2 without error.
But then I try to ssh into the machine with

    ssh -i "~/.ssh/id_rsa.pub" <ec2 public address>

It gives error:

    The authenticity of host 'ip.add.re.ss (ip.add.re.ss)' can't be established.
    ED25519 key fingerprint is SHA256:Q47dOukdKpdYhysUMwAEkxkIyz8AcGGawdx9fYjHxH4.
    This key is not known by any other names
    Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
    Warning: Permanently added 'ip.add.re.ss' (ED25519) to the list of known hosts.
    [email protected]: Permission denied (publickey).

I guess I am misconfiguring the EC2?

The AMI ID says that it's an Ubuntu Linux, which means the default user name is ubuntu. That also means that the entire command should be:

    ssh -i "~/.ssh/id_rsa" ubuntu@<ec2 public address>

The list of default users for different types of AMIs is in the AWS docs.
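
A client-side preflight for the two mistakes visible in the question's command (the `.pub` file passed to `-i`, and no login user in the target), as an added example that is not part of the original question or answer. The function names and finding labels are made up for illustration, and the key check only looks at OpenSSH key file headers.

```shell
#!/bin/sh
# Added example (not from the original post): preflight for the client-side
# causes of "Permission denied (publickey)" discussed on this page.

# classify_key FILE: print "private", "public" or "unknown" from the first line.
classify_key() {
    first_line=$(head -n 1 "$1" 2>/dev/null) || { echo unknown; return 0; }
    case "$first_line" in
        "-----BEGIN "*"PRIVATE KEY-----") echo private ;;
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) echo public ;;
        *) echo unknown ;;
    esac
}

# ssh_preflight IDENTITY_FILE TARGET: print one finding per line and
# return 0 only when nothing was found.
ssh_preflight() {
    identity=$1 target=$2 problems=0
    case "$(classify_key "$identity")" in
        private)
            # ssh ignores a private key that group or others can access.
            mode=$(ls -ld -- "$identity" | cut -c5-10)
            if [ "$mode" != "------" ]; then
                echo "PERMS: chmod 600 $identity"; problems=1
            fi ;;
        public)
            echo "PUBKEY: -i needs the private key, try ${identity%.pub}"
            problems=1 ;;
        *)
            echo "UNREADABLE: $identity is missing or not an SSH key"
            problems=1 ;;
    esac
    # Without user@, ssh logs in as the local user name, which does not
    # exist on a stock Ubuntu AMI (its default user is "ubuntu").
    case "$target" in
        *@*) ;;
        *) echo "NOUSER: no login user given, try ubuntu@$target"; problems=1 ;;
    esac
    return "$problems"
}

# Run as a script: sh preflight.sh ~/.ssh/id_rsa ubuntu@<ec2 public address>
if [ "$#" -eq 2 ]; then ssh_preflight "$1" "$2"; fi
```
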