4

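I just launched an EC2 instance, but I am having trouble making an SSH connection to it. Note that I have an earlier EC2 instance that works fine over ssh with the same key pair. I am confused because I launched this new EC2 instance with the same key pair.

Below is what I have tried. Any expert advice on what might be going on here, and how to fix it?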

me@ubuntu:~/keys$ ssh -i mykey.pem ubuntu@1.2.3.4
The authenticity of host '1.2.3.4 (1.2.3.4)' can't be established.
RSA key fingerprint is aa:bb:cc:cc:cc:cc:cc:cc:cc:cc:cc:cc:cc:cc:cc.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '1.2.3.4' (RSA) to the list of known hosts.
Permission denied (publickey).

me@ubuntu:~/keys$ chmod 400 mykey.pem
me@ubuntu:~/keys$ ssh -i mykey.pem ubuntu@1.2.3.4
Permission denied (publickey).

me@ubuntu:~/keys$ ssh -v -i mykey.pem ubuntu@1.2.3.4
OpenSSH_5.8p1 Debian-1ubuntu3, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 1.2.3.4 [1.2.3.4] port 22.
debug1: Connection established.
debug1: identity file mykey.pem type -1
debug1: identity file mykey.pem-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.8p1 Debian-1ubuntu3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA aa:bb:cc:cc:cc:cc:cc:cc:cc:cc:cc:cc:cc:cc:cc
debug1: Host '1.2.3.4' is known and matches the RSA host key.
debug1: Found key in /home/me/.ssh/known_hosts:10
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: mykey.pem
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
4

3 Answers

2

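The key pair you are using must be wrong or missing, and you cannot recover the private key; I once lost a .pem file and had to recreate and re-instantiate. It is like a password: Amazon does not keep the private key, for security reasons.

To solve this problem, go to the AWS Management Console:

1. Stop the instance and create an AMI image of it.
2. Launch a new instance from the created AMI image with a new key pair attached.
3. Then assign the Elastic IP that was previously assigned to the old instance.
4. If everything works, delete the old instance.

So, keep the XXXX.pem file saved in some online location.

answered 2013-01-01T02:43:56.190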
0

The key debug log line is this:

debug1: Roaming not allowed by server

Are you connecting from a 3G/4G hotspot? Amazon EC2 is blatantly ignoring your pem file.

answered 2014-08-29T15:45:01.043
0

Try:

chmod 600 [FULL_PATH_TO_KEYFILE_DIRECTORY]/mykey.pem

instead.

If your AMI is an Amazon AMI, use ec2-user as your username.

If it still does not work, try putting the following in your ~/.ssh/config:

IdentitiesOnly yes
KeepAlive yes
ServerAliveInterval 60
Host ALIAS_FOR_YOUR_HOST
    User ubuntu
    HostName HOST_IP
    IdentityFile FULL_PATH_TO_KEY_FILE

answered 2012-05-05T00:26:16.620
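
A way to read the question's `ssh -v` transcript mechanically, as an added example that is not part of any post in this thread: the shell function below sorts a transcript into a failure class using OpenSSH client messages, and shows that in the question's run the key was loaded and sent, then refused by the server. The function names, class labels and both sample transcripts are constructed for this example.

```shell
#!/bin/sh
# Added example (not from the original thread): classify an `ssh -v`
# transcript of a failed publickey login. Names and class labels are this
# example's own; the matched strings are OpenSSH client messages.

classify_ssh_log() {
    log=$(cat)                                   # transcript on stdin
    has() { printf '%s\n' "$log" | grep -Eq "$1"; }

    if ! has 'Connection established'; then
        echo "network"          # never reached sshd: address, port, firewall rules
    elif has 'UNPROTECTED PRIVATE KEY FILE'; then
        echo "key-permissions"  # client refused to load the key file
    elif has 'Authentication succeeded \(publickey\)'; then
        echo "ok"
    elif ! has 'Trying private key:|Offering .*public key:'; then
        echo "no-key-offered"   # -i path wrong or key unreadable
    elif has 'Permission denied \(publickey\)'; then
        # Key was loaded and sent, and the server said no: the login user's
        # authorized_keys lacks the matching public key (wrong key pair or
        # wrong username for this AMI).
        echo "server-rejected-key"
    else
        echo "unknown"
    fi
}

# Constructed sample: the decisive lines of the question's transcript.
sample_question_log() {
    cat <<'EOF'
debug1: Connection established.
debug1: identity file mykey.pem type -1
debug1: Trying private key: mykey.pem
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
EOF
}

# Constructed sample: key file left readable by group/others.
sample_open_perms_log() {
    cat <<'EOF'
debug1: Connection established.
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
Permissions 0644 for 'mykey.pem' are too open.
Permission denied (publickey).
EOF
}

sample_question_log | classify_ssh_log     # prints: server-rejected-key
```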