我尝试使用此命令连接到有问题的Amazon EC2实例:
ssh -vvv -i MY_KEY.pem root@ec2-XX-XX-XXX-XX.compute-1.amazonaws.com
得到这个结果:
OpenSSH_7.5p1, OpenSSL 1.1.0g-fips 2 Nov 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Reading configuration data /etc/ssh/ssh_config.d/05-redhat.conf
debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config
debug1: /etc/ssh/ssh_config.d/05-redhat.conf line 8: Applying options for *
debug1: Connecting to ec2-XX-XX-XXX-XX.compute-1.amazonaws.com [XX.XX.XXX.XX] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file MY_KEY.pem type -1
debug1: key_load_public: No such file or directory
debug1: identity file MY_KEY.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.5
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
debug1: match: OpenSSH_7.4 pat OpenSSH* compat 0x04000000
debug1: Authenticating to ec2-XX-XX-XXX-XX.compute-1.amazonaws.com:22 as 'root'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: aes256-gcm@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: aes256-gcm@openssh.com MAC: <implicit> compression: none
debug1: kex: curve25519-sha256@libssh.org need=32 dh_need=32
debug1: kex: curve25519-sha256@libssh.org need=32 dh_need=32
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:rRMQg/hs
debug1: Host 'ec2-XX-XX-XXX-XX.compute-1.amazonaws.com' is known and matches the ECDSA host key.
debug1: Found key in /home/dina/.ssh/known_hosts:8
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering RSA public key: MY_KEY.pem
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Offering RSA public key: dina@localhost.localdomain
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Trying private key: MY_KEY.pem
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: keyboard-interactive
Password:
关键MY_KEY.pem应该是正确的,我已经在NETWORK&amp; amp;安全 - &gt; AWS控制台上的密钥对,与我使用的密钥相同。
.pem文件的权限为400,所有者是当前所有者。允许从所有地址到实例的SSH入站流量。
还尝试了不同的用户(root,ubuntu,admin,ec2-user,centos,fedora),因为我没有与启动实例的人联系,也不知道那里有什么系统。
对于发生了什么以及可以做些什么的任何想法?非常感谢您的帮助
答案 0 :(得分:0)
你在使用什么AMI?
如果您使用的是Ubuntu AMI,则应该以ubuntu连接。
$ ssh -vvv -i ~/.ssh/MY_KEY.pem ubuntu@ec2-XX-XX-XXX-XX.compute-1.amazonaws.com
在Amazon Linux上,默认用户是ec2-user。
$ ssh -vvv -i MY_KEY.pem ec2-user@ec2-XX-XX-XXX-XX.compute-1.amazonaws.com
一旦进入这两个用户,就会拥有sudo权限。