我已经经历过如此多的关于SO的问题而且这些问题都没有奏效,但我也可以确定何时发生这种情况,以便我可以添加另一层细节。
大多数解决方案表明提问者是:
任何一个实例建议尝试:ssh -i kename.pem username@host -vvv
,这是我过去总是有用的方式......直到我重新构建了我的客户机。从那时起,我就得到了附加的ssh跟踪。
我尝试过从我被锁定的服务器创建AMI的第二级尝试,启动新实例,创建新密钥,并尝试登录新实例。那里没有运气。
所以,我的问题是:是否有一些东西可能存在于旧机器上,可能是我的公钥或某些东西,我不再拥有,因此无法连接到任何实例?我的印象是你只需要私钥进行身份验证。除了使用它登录到机器之外,我在SSH协议上相当薄,下面的跟踪似乎没有给出任何关于这个故障的提示,除了“debug1:服务器不允许漫游”,但是这是不相关的,我正在做更多的事情。
我希望这个问题的重新成像部分能够解释这个问题。
OpenSSH_5.9p1, OpenSSL 1.0.0e 6 Sep 2011 debug2: ssh_connect: needpriv 0 debug1: Connecting to **hostname** [**hostname**] port 22. debug1: Connection established. debug1: identity file /.ssh/id_rsa type -1 debug1: identity file /.ssh/id_rsa-cert type -1 debug1: identity file /.ssh/id_dsa type -1 debug1: identity file /.ssh/id_dsa-cert type -1 debug1: identity file /.ssh/id_ecdsa type -1 debug1: identity file /.ssh/id_ecdsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1.4 debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1.4 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.9 debug2: fd 100 setting O_NONBLOCK debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: zlib@openssh.com,zlib,none debug2: kex_parse_kexinit: zlib@openssh.com,zlib,none debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256 debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib@openssh.com debug2: kex_parse_kexinit: none,zlib@openssh.com debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_setup: found hmac-md5 debug1: kex: server->client aes128-ctr hmac-md5 zlib@openssh.com debug2: mac_setup: found hmac-md5 debug1: kex: client->server aes128-ctr hmac-md5 zlib@openssh.com debug1: sending SSH2_MSG_KEX_ECDH_INIT debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ECDSA ea:b9:58:59:16:ff:cc:89:72:50:ab:f7:8f:40:ef:3b The authenticity of host '**hostname** (**hostname**)' can't be established. ECDSA key fingerprint is ea:b9:58:59:16:ff:cc:89:72:50:ab:f7:8f:40:ef:3b. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '**hostname**' (ECDSA) to the list of known hosts. debug1: ssh_ecdsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /.ssh/id_rsa (0x0) debug2: key: /.ssh/id_dsa (0x0) debug2: key: /.ssh/id_ecdsa (0x0) debug1: Authentications that can continue: publickey debug3: start over, passed a different list publickey debug3: preferred publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Trying private key: /.ssh/id_rsa debug1: could not open key file '/.ssh/id_rsa': Invalid argument debug1: Trying private key: /.ssh/id_dsa debug1: could not open key file '/.ssh/id_dsa': Invalid argument debug1: Trying private key: /.ssh/id_ecdsa debug1: could not open key file '/.ssh/id_ecdsa': Invalid argument debug2: we did not send a packet, disable method debug1: No more authentication methods to try. Permission denied (publickey).
答案 0 :(得分:1)
你加入你正在尝试的确切命令吗?
输出ls $ HOME / .ssh?
如果仔细阅读堆栈跟踪,看起来SSH在默认位置找不到任何密钥。服务器回复说您没有提供正确的密钥,调试输出告诉我您没有提供任何密钥。
首先找出客户端计算机上私钥的位置:)
然后按照评论中的建议将其移至.ssh / id_rsa或ssh -i <key_location> ubuntu@myhost
。