ubuntu – 无法ssh到Amazon EC2帐户. (公钥错误)

2019年8月3日 197次阅读

我刚刚启动了一个EC2实例,我很难启动ssh连接.请注意,我有一个以前的EC2实例,使用相同的密钥对ssh工作正常.我很困惑,因为我使用相同的密钥对启动了这个新的EC2实例.

以下是我的尝试.关于这里可能会发生什么的专家建议？以及如何解决它？

me@ubuntu:~/keys$ssh -i mykey.pem ubuntu@1.2.3.4
The authenticity of host '1.2.3.4 (1.2.3.4)' can't be established.
RSA key fingerprint is aa:bb:cc:cc:cc:cc:cc:cc:cc:cc:cc:cc:cc:cc:cc.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '1.2.3.4' (RSA) to the list of known hosts.
Permission denied (publickey).

me@ubuntu:~/keys$chmod 400 mykey.pem
me@ubuntu:~/keys$ssh -i mykey.pem ubuntu@1.2.3.4
Permission denied (publickey).

me@ubuntu:~/keys$ssh -v -i mykey.pem ubuntu@1.2.3.4
OpenSSH_5.8p1 Debian-1ubuntu3, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 1.2.3.4 [1.2.3.4] port 22.
debug1: Connection established.
debug1: identity file mykey.pem type -1
debug1: identity file mykey.pem-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.8p1 Debian-1ubuntu3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA aa:bb:cc:cc:cc:cc:cc:cc:cc:cc:cc:cc:cc:cc:cc
debug1: Host '1.2.3.4' is known and matches the RSA host key.
debug1: Found key in /home/me/.ssh/known_hosts:10
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: mykey.pem
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).

最佳答案您正在使用的密钥对必须是错误的/丢失的,并且您无法恢复私钥对,因为我曾经丢失过.pem文件并且必须重新创建和实例.

它就像一个密码,亚马逊出于安全原因不保存私钥.

要解决这个问题.

转到aws管理控制台
1.停止实例并创建相同的AMI图像.
2.使用创建的AMI映像和附加的新密钥对启动新实例.
3.然后分配先前分配给旧实例的弹性IP.
4.如果一切正常,请删除旧实例.

因此,在线保存XXXX.pem文件.