Ubuntu – Permission denied (publickey) after rsync

amazon ec2rsyncssh

DISCLAIMER: this may not be fully Ubuntu related but for some reason serverfault gives me an error when posting, plus I think some of you may have stumbled on something like this before

I'm experiencing a strange issue.
I have multiple ec2 instances that I'm managing and I had to copy some hidden files from an Ubuntu to an Amazon Linux instance.

The way to go should be rsync AFAIK, and since the pem files are on my local machine – Mac OS X 10.10.5 – I did what I had to do by doing:

rsync -rave "ssh -i keyfile1.pem" ubuntu@firstmachineip:folder_inside_home/ local_folder/

and then

rsync -rave "ssh -i keyfile2.pem" local_folder/ ec2-user@secondmachineip:

which both succeeded.

The problem is that when sshing again to the second machine (the first is fine) gives me the vague

Permission denied (publickey).

Note that before rsyncing the connection worked with no problem and even if the key file ever got corrupted I restored it from a backup and took care of chmod 600 keyfile2.pem and even tried chmod 400 keyfile2.pem

I will also leave the last part of the output of ssh -vvv -i keyfile2.pem ec2-user@secondmachineip after it established that the fingerprint is known:

debug1: Host 'secondmachineip' is known and matches the RSA host key.
debug1: Found key in /Users/thevet/.ssh/known_hosts:10
debug2: bits set: 494/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: keyfile2.pem (0x0), explicit
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: keyfile2.pem
debug1: read PEM private key done: type RSA
debug3: sign_and_send_pubkey: RSA *here goes the rsa*
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey).

Any clue what the hell has happened? I'm clueless.

Thanks in advance

Best Answer

Note that either there is a protective feature or a bug with Rsync when transferring using -a into the root folder.

Given a local folder call Music containing cow.txt

rsync -a Music/ root@ 

moves the cow.txt file in the music folder in to usr/ and I can still log in.

rsync -a Music/ root@ 

moves the cow.txt file into /root/ and the authorized keys are not affected but I cannot log in subsequently with ssh@root134.209.12.183.

I'm not sure why this happens and couldn't see anything in the log on the server that would explain it.

But at least it's easy to avoid the issue

Both the remote and local server and running rsync version 3.1.1 protocol version 31

on Ubuntu 16.04