Can't open .pem file in keychain access

Asked 29/12, 2016 at 14:10 Answered 10/9, 2019 at 9:8

macos amazon-web-services amazon-ec2 keychain

So I'm trying to set up an EC2 instance on AWS and I've created a key pair and downloaded the .pem file. However, when I try to open it I get the error message:

Keychain error message

I've also read about entering the following in the terminal to work around the issue:

security import pub_key.pem -k ~/Library/Keychains/login.keychain

but this doesn't work either (I get the following error message:

security: Error reading infile pub_key.pem: No such file or directory).

I've also tried just creating new key pairs but the problem persists.

Fireweed answered 29/12, 2016 at 14:10 Comment(1)

I am having the same issue. Isn't this part of the idea of using the keychain to store certificates like this? I want to access my amazon key from other machines. – Darnel 29/1, 2018 at 5:44

The keychain extension changed with Sierra. Now it is login.keychain-db. You should navigate to where the pem key file is and use

security import pub_key.pem -k ~/Library/Keychains/login.keychain-db

Yehudit answered 10/9, 2019 at 9:8 Comment(3)

Thanks, Follow up question. Now what? If I want to use that stored key to connect, how would I do so? – Howsoever 29/5, 2020 at 0:14

Now if you want to connect it should be via ssh. You have two options: 1. If your instance has a public DNS name use the following command ssh -i /path/my-key-pair.pem my-instance-user-name@my-instance-public-dns-name 2. If your instance has an IPV6 address use the following command ssh -i /path/my-key-pair.pem my-instance-user-name@my-instance-IPv6-address. As it was already mentioned in another comment, the documentation is here – Yehudit 8/6, 2020 at 9:41

What is the point of putting the pen file in the keychain if you still have to specify it on the command line? That’s what I do now. – Howsoever 10/6, 2020 at 13:47

Make sure you navigate to terminal to where the pem key file actually is. Then use

security import pub_key.pem -k ~/Library/Keychains/login.keychain

Skinny answered 25/9, 2018 at 18:35 Comment(1)

If this answer helped please accept it as well. If not let me know why. – Skinny 2/1, 2019 at 21:54

-2

The .pem file contains your private key used for establishing an ssh connection with an Amazon EC2 instance (or any Linux instance).

Do not open (double-click) the .pem file. Instead, you will use it with the ssh command to connect with your instance, eg:

ssh -i yourfile.pem [email protected]

See documentation: Connecting to Your Linux Instance Using SSH

Conservator answered 29/12, 2016 at 23:12 Comment(1)

Using the PEM isn't the problem. Storing it somewhere safe is. That's what the Keychain is for. Why Keychain doesn't allow this is the question. – Darnel 29/1, 2018 at 5:45

Recommended topics

Hot tags