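Permission denied on Amazon LightSail

Time: 2018-03-02 17:24:21

Tags: ssh amazon-lightsail

Login works with LightsailDefaultPrivateKey-eu-west-1.pem, but not with my own key pair.

I tried generating the key with 'ssh-keygen -t rsa -b 4096 -C "my@email.com" -f ~/.ssh/lsail-mikemittererat-eu-west-1.pem'

I also tried generating a key on AWS / S2, downloading it, generating the public key from the private key and uploading it to LightSail - same result. It did not work.

Error message: ssh -i ~/.ssh/ssh_my-website ubuntu@ Permission denied (publickey).

If I use the -v option, this is what I get: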

ssh -v -i ~/.ssh/lsail-mikemittererat-eu-west-1.pem ubuntu@<public ip>

OpenSSH_6.9p1, LibreSSL 2.1.8
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: /etc/ssh/ssh_config line 56: Applying options for *
debug1: Connecting to <public ip> [<public ip>] port 22.
debug1: Connection established.
debug1: identity file /Users/mikemitterer/.ssh/lsail-mikemittererat-eu-west-1.pem type 1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/mikemitterer/.ssh/lsail-mikemittererat-eu-west-1.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.9
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2p2 Ubuntu-4ubuntu2.4
debug1: match: OpenSSH_7.2p2 Ubuntu-4ubuntu2.4 pat OpenSSH* compat 0x04000000
debug1: Authenticating to <public ip>:22 as 'ubuntu'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client chacha20-poly1305@openssh.com <implicit> none
debug1: kex: client->server chacha20-poly1305@openssh.com <implicit> none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:6u6vqWOSbOSNiPYAOqa5q/epSntR7GG5dvFzKuUAJOQ
debug1: Host '<public ip>' is known and matches the ECDSA host key.
debug1: Found key in /Users/mikemitterer/.ssh/known_hosts:38
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/mikemitterer/.ssh/lsail-mikemittererat-eu-west-1.pem
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).

The permissions on the .pem are set to 600, and .ssh is set to 700.

3 answers:

Answer 0 (score: 3)

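I was able to get it working as follows:

  1. Generated an SSH key pair as described above (ssh-keygen -t rsa -b 4096 -C "my@email.com" -f ~/certs/test.pem)

  2. Changed the permissions on the private key file (chmod 600 test.pem)

  3. Used the Lightsail integrated console to connect to the instance and added the public key to the ~/.ssh/authorized_keys file

  4. I was able to access the instance using ssh -i ~/certs/lightsail.pem ubuntu@

Let me know if this works, or if I am missing something.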

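Answer 1 (score: 2)

I had the same problem for a few hours and finally solved it. Here is what I did:

Downloaded the pem file to a folder.

Then ran:

$ chmod 600 KEYFILE.pem

And:

$ ssh -i "KEYFILE.pem" bitnami@your_static_ip

As I recall, I tried the same things as you, but it did not work.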

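Answer 2 (score: 0)

I performed all the steps listed in Add new user accounts with SSH access, using both an AWS key and a third-party generated key, but still got the <USER>@<HOSTNAME>: Permission denied (publickey) error. It turned out that I needed to fix the directory permissions for a custom home directory location, regardless of how the key was generated or uploaded to the instance.

The required directory permissions are detailed in the Troubleshoot "Permission denied (publickey)" knowledge base article, which states that the following permissions should be used:

  1. The parent directory of the user's home directory (e.g. /home): 755
  2. The user's home directory (e.g. /home/ec2-user): 700
  3. The user's .ssh/ directory (e.g. /home/ec2-user/.ssh): 0700
  4. The user's authorized_keys file (e.g. /home/ec2-user/.ssh/authorized_keys): 600

Once my directory permissions were correct, the key I had configured started working.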
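
The permission list from the last answer, turned into a check that can be run on the instance. This is an added example, not code from the original answers; the function names, the GNU `stat` dependency, the extra uid check and the sample path in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example. Assumes GNU stat (stat -c), as on an Ubuntu Lightsail instance.
# Function names are illustrative. Modes are the ones listed in the answer above.

# check_path PATH MODE [UID]: print a verdict, return 1 on any problem.
check_path() {
    p=$1; want=$2; uid=$3
    if [ ! -e "$p" ]; then
        echo "MISSING  $p (expected mode $want)"
        return 1
    fi
    have=$(stat -c '%a' "$p")
    own=$(stat -c '%u' "$p")
    if [ "$have" != "$want" ]; then
        echo "MODE     $p is $have, expected $want"
        return 1
    fi
    # Ownership is not in the answer's list; it is checked here because sshd
    # (StrictModes) also checks who owns the user's home directory and key files.
    if [ -n "$uid" ] && [ "$own" != "$uid" ]; then
        echo "OWNER    $p is owned by uid $own, expected $uid"
        return 1
    fi
    echo "OK       $p (mode $have, uid $own)"
}

# audit_ssh_perms HOME_DIR UID: return the number of paths with a problem.
audit_ssh_perms() {
    home=${1%/}; user_uid=$2; bad=0
    check_path "$(dirname "$home")" 755 || bad=$((bad + 1))
    check_path "$home" 700 "$user_uid" || bad=$((bad + 1))
    check_path "$home/.ssh" 700 "$user_uid" || bad=$((bad + 1))
    check_path "$home/.ssh/authorized_keys" 600 "$user_uid" || bad=$((bad + 1))
    return "$bad"
}

# Usage on the instance, e.g. for a custom home directory (hypothetical path):
#   audit_ssh_perms /srv/homes/deploy "$(id -u deploy)"
```

A non-zero return value is the number of paths that need fixing with chmod or chown before key login can succeed.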