0

我知道有很多关于 AWS 和 SSH 会话的问题,我尝试使用它们,但都失败了。

我有一个正在运行的实例,EC2 管理控制台给出的 ssh 字符串是

ssh -i -v jason.pem ubuntu@ec2-54-227-167-156.compute-1.amazonaws.com 

产生输出

OpenSSH_5.9p1 Debian-5ubuntu1.1, OpenSSL 1.0.1 14 Mar 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to ec2-54-227-167-156.compute-1.amazonaws.com [54.227.167.156] port 22.
debug1: Connection established.
debug1: identity file jason.pem type -1
debug1: identity file jason.pem-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-    5ubuntu1
debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA ea:b6:50:fe:49:49:90:76:03:91:21:6d:73:0e:04:d2
debug1: Host 'ec2-54-227-167-156.compute-1.amazonaws.com' is known and matches the   ECDSA host key.
debug1: Found key in /home/jason/.ssh/known_hosts:27
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Trying private key: jason.pem
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).

我做了以下事情:

  • 创建新的密钥对,下载jason.pem并设置为 0400 chmod 权限
  • 添加ChallengeResponseAuthentication yes到 /etc/ssh/ssh_config

到底发生了什么,为什么jason.pem文件不被接受?

4

1 回答 1

1

您实例上的公钥与您的私钥对不一致。如果该实例的配置很重要并且您想保留它(我这样说是基于您关闭实例而不是仅仅创建一个新实例的事实):

  1. 创建一个新的密钥对
  2. 创建您要访问的实例的 AMI
  3. 使用新密钥对从该 AMI 创建一个新实例
  4. 尝试使用新下载的密钥对再次 ssh 进入它

密钥对应该有 400 个权限。

于 2013-07-22T16:32:32.363 回答