Im trying to connect to my EC2 instance with SSH and Iḿ getting crazy. I have read this post and tried all user combinations:

AWS ssh access 'Permission denied (publickey)' issue

Its still not working for me. Any idea what am I missing?

  roberto@ubuntu:~/keys$ ssh -v -i ec2-key-pair.pem ec2-user@ec2-54-72-242-0.eu-west-1.compute.amazonaws.com
OpenSSH_6.6, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to ec2-54-72-242-0.eu-west-1.compute.amazonaws.com [54.72.242.0] port 22.
debug1: Connection established.
debug1: identity file ec2-key-pair.pem type -1
debug1: identity file ec2-key-pair.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6p1 Ubuntu-2ubuntu1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.2
debug1: match: OpenSSH_6.2 pat OpenSSH* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5-etm@openssh.com none
debug1: kex: client->server aes128-ctr hmac-md5-etm@openssh.com none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA e4:06:ee:a5:a5:d2:97:5f:0f:b7:06:5e:f2:b3:da:26
debug1: Host 'ec2-54-72-242-0.eu-west-1.compute.amazonaws.com' is known and matches the ECDSA host key.
debug1: Found key in /home/roberto/.ssh/known_hosts:3
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: ec2-key-pair.pem
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).

UPDATE: 

According to @aldanux suggestions:

    roberto@ubuntu:~/keys$ ssh-keygen -R 54.72.242.0
# Host 54.72.242.0 found: line 4 type ECDSA
/home/roberto/.ssh/known_hosts updated.
Original contents retained as /home/roberto/.ssh/known_hosts.old
roberto@ubuntu:~/keys$ ssh -i ec2-key-pair.pem ec2-user@ec2-54-72-242-0.eu-west-1.compute.amazonaws.com
Warning: Permanently added the ECDSA host key for IP address '54.72.242.0' to the list of known hosts.
Permission denied (publickey).

Try this steps:

ssh-keygen -R 54.72.242.0

sudo chmod 600 ec2-key-pair.pem

and then:

ssh -i ec2-key-pair.pem ec2-user@ec2-54-72-242-0.eu-west-1.compute.amazonaws.com

You are probably logging in as the wrong user. If it's a Ubuntu instance the command would be:

ssh -v -i ec2-key-pair.pem ubuntu@ec2-54-72-242-0.eu-west-1.compute.amazonaws.com

While not specific to AWS, this unhelpful error message

debug1: key_parse_private2: missing begin marker

will occur under a handful of obscure scenarios, such as when the ownership (or the permissions) on the SSH user's home directory are incorrect on the remote machine.

The best way to troubleshoot this and similar obscure messages is to examine the authorization log on the remote machine, provided you have access, as it will usually pinpoint the problem. On Debian and Ubuntu systems, this is most easily accomplished with tail (use sudo as appropriate):

tail -f -n 80 /var/log/auth.log

In my particular case, I found

Authentication refused: bad ownership or modes for directory /var/www

Perfectly accurate and concise: the owner:group was set to daemon:daemon when it should have been www-data:www-data (this was on a Ubuntu machine that must have had some other web-server installed in the past).

I had a similar issue, "key_parse_private2: missing begin marker" while using username 'ec2-user' but it got fixed when I changed to ubuntu as the user.

Another thing to check is PermitRootLogin and AllowUsers in /etc/ssh/sshd_config.

This debug1: key_parse_private2: missing begin marker appears even after successful key authorization if your user access restricted.

Yes, indeed quite misleading message. In my case I used wrong key for instance.

We had need to removed key pair and created new one, except that our instance kept using old one(because you can't do it that easy).

The error message was the same so it's worth to check key name in your aws panel of instance match the key pair that you use in key paris.

Logging in as "admin" worked for me. Based on your instance type the login user changes. ec2-user or ubuntu or in my case admin. ssh -v -i ./my_key_file.pem admin@ec2-11-222-333-44.compute-1.amazonaws.com

Also ensure the permission for the pem file is 600 chmod 600 ./my_key_file.pem

One easy way to get this error is a corrupt .pem file.

For example, if the last line is missing, you get "missing begin marker".

Make sure the .pem ends with:

-----END RSA PRIVATE KEY-----

Many problems may cause the connectivity issue: Please review the following settings:

1. AWS security group settings and check the ssh port 22 policy
2. Check the firewall setting you are using in your lan connection
3. Generate the ssh-keygen on your local machine and add to aws linux server for future safety.
4. Regenerate the new ssh key in the panel.
5. Check your ipblacklist on mxtoolbox if you are using firewall on the aws linux server.

Please try above all if possible to overcome the error. Let me know if its working or not.