Bobcares

Quick way to fix EC2 WinSCP permission denied error

by | Apr 17, 2019

Trying to transfer files to my webserver using WinSCP. But am getting an “Error code: 3” and “Permission denied” after successfully connecting to my instance. Can you please fix it?

That was a recent request received in Technical Support Services from one of our Amazon EC2 customer.

WinSCP is one the free method to securely transfer files between a home computer and server. Today, in this write up we’ll see how Bobcares’ Engineers fixed the “EC2 WinSCP permission denied” error.

More about EC2 and WinSCP

Before proceeding further, let’s get a quick idea on WinSCP and EC2 instance.

Amazon Elastic Compute Cloud forms the central part of Amazon’s cloud-computing solutions. In today’s world of cloud hosting, its a normal practice to set up servers and websites on cloud instances. Naturally, there is a need to transfer files to these EC2 instances too.

Although Amazon EC2 support many access methods, WinSCP remains a popular choice. The primary requirement of users will be to just transfer the files to the instance across the network using the ssh (secure shell) encrypted protocol. Thus, it will be more easy to use WinSCP than methods like Putty, that involves direct configuration edits.

Moreover, WinSCP fits in the Windows environment and it readily integrates features such as drag-and-drop, shortcuts, and URLs. Additionally, WinSCP include security features like encrypted password storage too.

That’s why, accessing EC2 instance via WinSCP is one of the methods that our Support Engineers suggest to newbies in Cloud Hosting.

 

Reasons for EC2 WinSCP permission denied error

From our experience in managing servers, any errors can put WinSCP users on pins and needles. Now, its time to see the major factors that can cause the EC2 WinSCP permission denied error.

 

1. Wrong WinSCP settings

Usually, a major share of EC2 WinSCP permission denied errors occur due to bad configuration settings. And, in such cases an attempt tp transfer a file results in the following error:

Permission denied
Error Code: 3
Error message from server: Permission denied
Request Code: 3

 

2. User IP block at EC2 instance

Again, users IP address blocked at the EC2 instance can also be a reason for permission denied error.

In Amazon EC2, Security groups allows you to control traffic to your instance. It can even decide the kind of traffic that can reach your instance. For example, you can allow IP addresses from only your home network to access your instance using SSH. And, when a user tries to connect from a different IP address, the instance block the user with permission denied message.

 

3. Wrong key pair

Amazon EC2 instances have a unique Host key fingerprint. When you connect to the instance for the first time, you will be prompted to verify server host key. However, WinSCP does not support ECDSA keys. And, when there are problems in verifying the key pair, it also results in the EC2 WinSCP permission denied error.

 

How we fix EC2 access using WinSCP

We already saw the top reasons for permission denied error in WinSCP. Now, its time to see how our Dedicated Engineers fix the WinSCP access.

 

1. Adjusting WinSCP settings

For successfully connecting to the EC2 instance, we need to uncheck the “Transfer resuming” from the preferences in WinSCP. To do this, we follow the steps below.

1) Open WinSCP.
2) Select Advanced options at bottom-left.
3)Just above Advanced options we Left click on Preferences
4) We can now see the Preferences “Radio-type” Button
5) Now in the “Confirmations” box, 4th item from the top, Transfer resuming, we remove the ‘check-mark’
6) Click OK Button.

Finally, at the WinSCP login screen, we enter the public IPv4 address for the instance, username details. The successful connection window looks something like:

 

2. Allow IP address

In the recent helpdesk request about WinSCP, IP block was causing the problem.

To fix problems related to IP block, we allow the user’s IP on the EC2 instance. Our Support Engineers add a rule to a security group for inbound SSH traffic over IPv4. For this, we follow the steps as:

In the navigation pane of the Amazon EC2 console, choose Instances. We select the particular instance and look at the Description tab; Here, the Security groups lists the security groups that are associated with the instance. Choose view inbound rules to display a list of the rules that are in effect for the instance.

Here, on the Inbound tab, we choose Edit, then we add rule by choosing SSH from the Type list. In the Source field, we set the customers IP by choosing Custom option. Finally click on Save option.

 

3. Adding correct keys

Now, let’s see how we fix problems with the key pair. We locate key fingerprint in server’s initial start log. For this we use, Actions > Get System Log command on Instances page of Amazon EC2 console.

There, we look for RSA (or DSA) key fingerprint as WinSCP does not support ECDSA keys.

Again, in WinSCP settings, we select the Advanced button to open Advanced site settings dialog and go to SSH > Authentication page.
In Private key file box we select the .pem private key file. WinSCP will need to convert the key to its .ppk format.
We submit Advanced site settings dialog with OK button.
Finally we click on Save button to save your site settings. And, the WinSCP connection with EC2 starts working fine.

[Are you getting WinSCP permission denied error? We can fix EC2 access for you.]

 

Conclusion

In a nutshell, EC2 WinSCP permission denied error mainly happens due to wrong settings, IP block and more. Today, we saw the various reasons that cause this error and how our Dedicated Engineers fix EC2 access.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

var google_conversion_label = "owonCMyG5nEQ0aD71QM";

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Never again lose customers to poor
server speed! Let us help you.

Privacy Preference Center

Necessary

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

PHPSESSID - Preserves user session state across page requests.

gdpr[consent_types] - Used to store user consents.

gdpr[allowed_cookies] - Used to store user allowed cookies.

PHPSESSID, gdpr[consent_types], gdpr[allowed_cookies]
PHPSESSID
WHMCSpKDlPzh2chML

Statistics

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

_ga - Preserves user session state across page requests.

_gat - Used by Google Analytics to throttle request rate

_gid - Registers a unique ID that is used to generate statistical data on how you use the website.

smartlookCookie - Used to collect user device and location information of the site visitors to improve the websites User Experience.

_ga, _gat, _gid
_ga, _gat, _gid
smartlookCookie
_clck, _clsk, CLID, ANONCHK, MR, MUID, SM

Marketing

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

IDE - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

test_cookie - Used to check if the user's browser supports cookies.

1P_JAR - Google cookie. These cookies are used to collect website statistics and track conversion rates.

NID - Registers a unique ID that identifies a returning user's device. The ID is used for serving ads that are most relevant to the user.

DV - Google ad personalisation

_reb2bgeo - The visitor's geographical location

_reb2bloaded - Whether or not the script loaded for the visitor

_reb2bref - The referring URL for the visit

_reb2bsessionID - The visitor's RB2B session ID

_reb2buid - The visitor's RB2B user ID

IDE, test_cookie, 1P_JAR, NID, DV, NID
IDE, test_cookie
1P_JAR, NID, DV
NID
hblid
_reb2bgeo, _reb2bloaded, _reb2bref, _reb2bsessionID, _reb2buid

Security

These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier to verify if a visitor is human or a bot.

SID, APISID, HSID, NID, PREF
SID, APISID, HSID, NID, PREF