首次通过SSH登录EC2。 它无法打开私钥文件。所以我将chmod更改为700,但它仍然抛出相同的错误。请建议我该如何修复它。
Macs-MacBook-Pro:~ Macbook$ ssh -v -i ~/.ssh/aug1981.pem ubuntu@ec2-54-200-94-18.us-west-2.compute.amazonaws.com
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: Connecting to ec2-54-200-94-18.us-west-2.compute.amazonaws.com [54.200.94.18] port 22.
debug1: Connection established.
debug1: identity file /Users/Macbook/.ssh/aug1981.pem type -1
debug1: identity file /Users/Macbook/.ssh/aug1981.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1
debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1 pat OpenSSH_5*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 8d:e2:20:42:95:c5:bc:14:42:10:a5:cf:40:d8:d9:fa
debug1: Host 'ec2-54-200-94-18.us-west-2.compute.amazonaws.com' is known and matches the RSA host key.
debug1: Found key in /Users/Macbook/.ssh/known_hosts:2
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /Users/Macbook/.ssh/aug1981.pem
debug1: could not open key file '/Users/Macbook/.ssh/aug1981.pem': Permission denied
debug1: No more authentication methods to try.
Permission denied (publickey).
答案 0 :(得分:0)
您从EC2实例下载的文件位于何处?
你可以用.pem在目录上做一个ls -la,这样我们就可以看到谁拥有.pem文件了?
你是否在EC2实例上设置了任何安全措施,如192.168.0.0/24可以访问此实例的端口22 / tcp?
答案 1 :(得分:0)
尝试打开密钥文件时出现权限被拒绝错误。
我会做一个ls -la
,看看你的用户是否真的拥有该文件,并将其设置为权限0700。
如果您不属于您的用户,则需要:
whoami # this will tell you your user's name
chown user aug1981.pem