我正在尝试通过SSH连接到EC实例。
这些是我遵循的步骤,下面是我得到的错误。
在亚马逊控制台中,我创建了一个密钥对并将其下载
将该pem文件的权限更改为400(如here所示)
去了控制台中正在运行的实例,并获得了我的公共DNS
向描述为'SecurityGroup for ElasticBeanstalk environment'的组添加了一个入站规则(SSH),0.0.0.0 / 0。在控制台的“安全组”选项卡中
在控制台ssh -i <>my_key_filename>.pem ec2-user@<Public DNS>
这是输出:
OpenSSH_6.1p1 Debian-4, OpenSSL 1.0.1c 10 May 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to ec2-54-254-148-94.ap-southeast-1.compute.amazonaws.com [54.254.148.94] port 22.
debug1: Connection established.
debug1: identity file mykey.pem type -1
debug1: identity file mykey.pem-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.1p1 Debian-4
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA a1:2b:92:f6:cf:e3:ed:8a:60:0e:34:c0:27:24:6f:f7
The authenticity of host 'ec2-54-254-148-94.ap-southeast-1.compute.amazonaws.com (54.254.148.94)' can't be established.
RSA key fingerprint is a1:2b:92:f6:cf:e3:ed:8a:60:0e:34:c0:27:24:6f:f7.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ec2-54-254-148-94.ap-southeast-1.compute.amazonaws.com,54.254.148.94' (RSA) to the list of known hosts.
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: aws_key.pem
debug1: Authentications that can continue: publickey
debug1: Offering DSA public key: id_dsa
debug1: Authentications that can continue: publickey
debug1: Offering RSA public key: mailid@gmail.com
debug1: Authentications that can continue: publickey
debug1: Trying private key: mykey.pem
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
此外,我尝试连接的实例是Amazon Linux实例。
答案 0 :(得分:1)
从您的评论下面的问题:看起来您的步骤顺序不正确。
首次启动时会将公钥注入实例。在实例启动后,AWS无法更改密钥对 - AWS无法通过技术方式连接到您的实例。 (您可以通过上传~/.ssh
目录中的文件)
要了解有关如何在ElasticBeanstalk中使用keypair的更多信息,请查看此屏幕截图
或者只使用包含
的.ebextensions
文件创建application.config
目录
- namespace: aws:autoscaling:launchconfiguration
option_name: EC2Keyname
value: "keyname"
有关自定义ElasticBeanstalk环境的更多详细信息:http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customize-containers-ec2.html#customize-containers-format-options
此处列出了可能的值http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-as-launchconfig.html
有关密钥对的更多详细信息,请访问:http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html
- 的Seb