这个问题已被多次询问和回答(我今天已经阅读了很多这样的问题),但我仍然没有看到我在尝试ssh到EC2实例时做错了什么。这是我做的:
这是一个运行ubuntu Linux的EC2媒体实例。 我创建了一个新密钥对并下载了rick_casey.pem文件, 把它移到了〜/ .ssh,然后做了
chmod 400 rick_casey.pem
然后将其添加到我的ssh身份:
ssh-add rick_casey.pem
但是当我尝试连接时,会发生以下情况:
ssh -v -i "rick_casey.pem" ubuntu@ec2-54-237-54-42.compute-1..amazonaws.com
OpenSSH_6.9p1, LibreSSL 2.1.8
debug1: Reading configuration data /Users/rickcasey/.ssh/config
debug1: /Users/rickcasey/.ssh/config line 8: Applying options for *.amazonaws.com
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 20: Applying options for *
debug1: /etc/ssh/ssh_config line 53: Applying options for *
debug1: Connecting to ec2-54-237-54-42.compute-1.amazonaws.com [54.237.54.42] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file rick_casey.pem type -1
debug1: key_load_public: No such file or directory
debug1: identity file rick_casey.pem-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/rickcasey/.ssh/rick_casey.pem type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/rickcasey/.ssh/rick_casey.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.9
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.6
debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.6 pat OpenSSH_6.6.1* compat 0x04000000
debug1: Authenticating to ec2-54-237-54-42.compute-1.amazonaws.com:22 as 'ubuntu'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client chacha20-poly1305@openssh.com <implicit> none
debug1: kex: client->server chacha20-poly1305@openssh.com <implicit> none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:Zu9shRhr3d+STyKTHKkhE2ZC1esSrALqNPGj3UtN8IA
Warning: Permanently added 'ec2-54-237-54-42.compute-1.amazonaws.com,54.237.54.42' (ECDSA) to the list of known hosts.
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: rick_casey.pem
debug1: Authentications that can continue: publickey
debug1: Trying private key: rick_casey.pem
debug1: Authentications that can continue: publickey
debug1: Trying private key: /Users/rickcasey/.ssh/rick_casey.pem
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
对我来说可疑的是:
debug1: key_load_public: No such file or directory
有谁知道这意味着什么?这是否存在公钥问题?生成AWS密钥对时,公钥是否会自动添加到此AWS服务器所在的位置?
其他用户可以毫无问题地进入此服务器,因此没有理由不能做同样的事情......但是有没有人建议我应该尝试什么?
谢谢, 瑞克
答案 0 :(得分:2)
生成AWS密钥对时,公钥是否会自动添加到此AWS服务器所在的位置?
当然不是,除非您使用该密钥启动新实例。您提到其他用户可以登录,这意味着这不是您使用此密钥启动的实例。
要在现有实例上使用新密钥,您必须将私钥的相应公钥附加到/home/ubuntu/.ssh/authorized_keys(或“ec2-user”或任何用户名应该是 - - 亚马逊Linux使用“ec2-user”而Ubuntu使用“ubuntu”)...当然,在这种情况下,没有理由使用EC2控制台生成密钥......你可以通过以下方式完成相同的结果在本地生成私钥。
但是,由于您已经拥有密钥,因此可以使用ssh-keygen -y -f /path/to/your-private-key.pem从私钥中提取公钥,并将其提供给您的管理员,管理员需要将其添加到服务器的用户的authorized_keys文件中。 / p>