EC2/EBS Encryption Gap / Certificate Failure Diagnostic Troubleshooter (Part 4)
Use the quick reference table below to identify your EC2/EBS encryption gap or certificate failure symptom, review the key error signal, understand the root cause, and apply the recommended fix.
Quick Reference Table
| # | Scenario | Key Error Signal | Root Cause | The Fix |
|---|---|---|---|---|
| 3 | Plaintext Exposure Risk: Unprotected SSH Private Key File | `WARNING: UNPROTECTED PRIVATE KEY FILE!` `Permissions 0777 for '.ssh/my_private_key.pem' are too open.` | The SSH private key file permissions are too permissive, allowing unauthorized read/write access to the key material. | `chmod 0400 .ssh/my_private_key.pem` |
| 4 | Certificate/Key Lifecycle Failure: Host key validation failed | `Error: Host key validation failed for EC2 Instance Connect` | The instance host keys were rotated, but the new keys were not automatically uploaded to the AWS trusted host keys database. | `[ec2-user ~]$ cd /opt/aws/bin/` followed by `[ec2-user ~]$ ./eic_harvest_hostkeys` |
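
The permission check behind scenario 3, generalized to a whole directory, as an added example that is not part of the original troubleshooter. The function names are hypothetical, and detecting keys by their `-----BEGIN ... PRIVATE KEY-----` first line is an assumption of this sketch; the `077` mask covers the group and other bits that trigger the "too open" warning.

```shell
#!/bin/sh
# Added example (not from the original page): find SSH private keys whose
# mode grants any group/other access, then apply the table's fix (chmod 0400).
# Usage: audit_key_perms ~/.ssh ; fix_key_perms ~/.ssh

# Print a file's octal mode (GNU stat first, BSD/macOS stat as fallback).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Succeed if the first line looks like a PEM or OpenSSH private key header.
# Assumption: keys are identified by header, not by file name.
is_private_key() {
    head -n 1 "$1" 2>/dev/null | grep -q -- '-----BEGIN .*PRIVATE KEY-----'
}

# Print "<mode> <path>" for every private key under $1 that is too open.
audit_key_perms() {
    find "$1" -type f | while IFS= read -r f; do
        is_private_key "$f" || continue
        mode=$(file_mode "$f")
        # Leading 0 makes the shell read the mode as octal; 077 masks
        # the group and other permission bits.
        if [ $(( 0$mode & 077 )) -ne 0 ]; then
            printf '%s %s\n' "$mode" "$f"
        fi
    done
}

# Tighten every key reported by the audit to owner read-only.
fix_key_perms() {
    audit_key_perms "$1" | while read -r mode f; do
        chmod 0400 "$f" && printf 'fixed %s (was %s)\n' "$f" "$mode"
    done
}
```

Public keys and other files are left untouched because they fail the header check, so the fix only narrows access on private key material.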