Question on VPC Peering from different availability zones

I followed all the steps mentioned in the lab exercise for VPC Peering from 2 AZ - us-east-1 and us-east-2.
I am not sure where the SCP command is to be executed, and I am not able to copy the .pem file. Please help.

[ec2-user@ip-192-168-0-122 ~]
scp -i ec2-user-1.pem ec2-user-2.pem [email protected]:~/
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
Connection closed

Which lab is this (link please)? There is more than one VPC peering lab.

Also note that us-east-1 and us-east-2 are regions, not availability zones. This is an important distinction!

In your SCP command, you have provided 2 PEM files. The command requires exactly one PEM file, which needs to be the PEM file associated with the key pair for the machine you need to connect to.

Thanks for your reply. I understand from your reply that it is a region and not an AZ. To answer your question:

I copied the below from the tutorial. Question: I understand I need to use the respective .pem file for connecting to a specific instance. What is the reason that I need to copy it using the SCP command for connecting to the instance? Please help.

Link - AWS Solutions Architect Associate Certification | KodeKloud

Note: You might need to copy the .pem key file to the ec2-east instance using the following command:

scp -i ec2-user-1.pem ec2-user-2.pem ec2-user@:~/

Note that we have two keypairs, ec2-user-1.pem for us-east-1 and ec2-user-2.pem for us-east-2. Use the keys based on the instance region.

Ok, I have looked at this lab.

Assuming you created both instances correctly and the questions are marked green, then by the time you get to Q7, you should have:

  • An instance in us-east-1 for which you connect using ec2-user-1.pem
  • An instance in us-east-2 for which you connect using ec2-user-2.pem

You are now asked to copy these keys up to the instance in us-east-1 so that they may be used from there later.

Take the public IP of the instance in us-east-1 to form the SCP command.

In my case the public IP of my us-east-1 instance was 54.80.120.44.

~ on ☁️  (us-east-1) ➜  scp -i ec2-user-1.pem *.pem [email protected]:~/
ec2-user-1.pem                                                  100% 1675    50.5KB/s   00:00    
ec2-user-2.pem                                                  100% 1679    50.1KB/s   00:00    

And the SCP command says:

  • using ec2-user-1.pem as the identity for ec2-user at 54.80.120.44
  • copy *.pem (i.e. both pem files) to ~/ on the target server.

Then when you do SSH to the first server, the PEM files will be there, but you cannot connect to the private IP of the other server until the VPC peering is completed.
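
The following pre-flight check is an added example, not part of the posts above or of the lab. It tests two local conditions under which `scp -i` ends in `Permission denied (publickey)`: the identity file is not present on the machine where the command is run, or the key file is readable by group or others, in which case OpenSSH ignores it. The function names `check_identity` and `build_scp` are hypothetical; the user name and IP address are the ones quoted in the thread.

```shell
#!/bin/sh
# Added example: local checks before running the scp command from the thread.

# check_identity KEYFILE -> 0 if ssh/scp can use the key file, non-zero otherwise
check_identity() {
    key=$1
    [ -f "$key" ] || { echo "missing: $key (run scp where the key is stored)" >&2; return 2; }
    [ -r "$key" ] || { echo "unreadable: $key" >&2; return 3; }
    # OpenSSH ignores a private key that group or others can access.
    perms=$(ls -ld -- "$key" | cut -c1-10)
    case $perms in
        ????------) ;;   # no group/other permission bits set
        *) echo "too open ($perms): chmod 600 $key" >&2; return 4 ;;
    esac
    return 0
}

# build_scp IDENTITY HOST FILE... -> prints the scp command once all checks pass
build_scp() {
    identity=$1
    host=$2
    shift 2
    check_identity "$identity" || return $?
    for f in "$@"; do
        [ -f "$f" ] || { echo "missing source: $f" >&2; return 5; }
    done
    # -i selects the key used to authenticate; the remaining files are what is copied.
    echo "scp -i $identity $* ec2-user@$host:~/"
}
```

Calling `build_scp ec2-user-1.pem 54.80.120.44 ec2-user-1.pem ec2-user-2.pem` from the directory that holds both keys prints the command to run, or reports which check failed.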