0

我正在尝试通过 SSH 连接到 EC 实例。

这些是我遵循的步骤,下面是我得到的错误。

  1. 在 Amazon 控制台中,我创建了一个密钥对并下载了它

  2. 将该 pem 文件的权限更改为 400(如此所写)

  3. 转到控制台中正在运行的实例并获取我的公共 DNS

  4. 向组添加了入站规则 (SSH),0.0.0.0/0,其描述为“SecurityGroup for ElasticBeanstalk environment”。在控制台的安全组选项卡中

  5. 在控制台中执行此ssh -i <>my_key_filename>.pem ec2-user@<Public DNS>

这是输出:

OpenSSH_6.1p1 Debian-4, OpenSSL 1.0.1c 10 May 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to ec2-54-254-148-94.ap-southeast-1.compute.amazonaws.com [54.254.148.94] port 22.
debug1: Connection established.
debug1: identity file mykey.pem type -1
debug1: identity file mykey.pem-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.1p1 Debian-4
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA a1:2b:92:f6:cf:e3:ed:8a:60:0e:34:c0:27:24:6f:f7
The authenticity of host 'ec2-54-254-148-94.ap-southeast-1.compute.amazonaws.com (54.254.148.94)' can't be established.
RSA key fingerprint is a1:2b:92:f6:cf:e3:ed:8a:60:0e:34:c0:27:24:6f:f7.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ec2-54-254-148-94.ap-southeast-1.compute.amazonaws.com,54.254.148.94' (RSA) to the list of known hosts.
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: aws_key.pem
debug1: Authentications that can continue: publickey
debug1: Offering DSA public key: id_dsa
debug1: Authentications that can continue: publickey
debug1: Offering RSA public key: mailid@gmail.com
debug1: Authentications that can continue: publickey
debug1: Trying private key: mykey.pem
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).

此外,我尝试连接的实例是 Amazon Linux 实例。

4

1 回答 1

1

从您的问题下方的评论中:看起来您的步骤顺序不正确。

  • 首先,您需要创建密钥对
  • 那么您需要告诉 ElasticBeanstak 在启动您的实例时使用该密钥对

公钥在第一次启动时被注入到实例中。AWS 无法在实例启动更改密钥对- AWS 没有技术方法可以连接到您的实例。(您可以通过在~/.ssh目录中上传文件来手动完成)

要了解有关如何将密钥对与 ElasticBeanstalk 一起使用的更多信息,请查看此屏幕截图 在此处输入图像描述

或者只是创建一个包含文件的.ebextensions目录application.config

- namespace: aws:autoscaling:launchconfiguration   
  option_name: EC2Keyname   
  value: "keyname"

有关自定义 ElasticBeanstalk 环境的更多详细信息:http: //docs.aws.amazon.com/elasticbeanstalk/latest/dg/customize-containers-ec2.html#customize-containers-format-options

此处列出了可能的值http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-as-launchconfig.html

可以在此处找到有关密钥对的更多详细信息:http: //docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html

--Seb

于 2014-02-03T10:27:15.797 回答