小编典典

AWS ssh 访问“权限被拒绝(公钥)”问题

all

如何通过 ssh 连接到 AWS 实例?

我有:

  1. 在 AWS 注册;
  2. 在 AWS 网站上创建公钥和证书并将它们保存到磁盘;
  3. 转到我的控制台并创建环境变量:

    $ export JAVA_HOME=/usr/lib/jvm/java-6-openjdk/
    

    $ export EC2_CERT=/home/default/aws/cert-EBAINCRNWHDSCWWIHSOKON2YWGJZ5LSQ.pem
    $ export EC2_PRIVATE_KEY=/home/default/aws/pk-EBAINCRNWHDSCWWIHSOKON2YWGJZ5LSQ.pem

  4. 告诉 AWS API 使用此密钥对并将密钥对保存到文件中:

    $ ec2-add-keypair ec2-keypair > ec2-keypair.pem
    
  5. 使用此密钥对启动了 AWS Ubuntu 9 实例:

    $ ec2-run-instances ami-ed46a784 -k ec2-keypair
    
  6. 尝试建立与实例的 ssh 连接:

    $ ssh -v -i ec2-keypair.pem ubuntu@ec2-174-129-185-190.compute-1.amazonaws.com
    

    OpenSSH_5.1p1 Debian-5ubuntu1, OpenSSL 0.9.8g 19 Oct 2007
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Applying options for * debug1: Connecting to ec2-174-129-185-190.compute-1.amazonaws.com [174.129.185.190] port 22.
    debug1: Connection established.
    debug1: identity file ec2-keypair.pem type -1
    debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1p1 Debian-5ubuntu1
    debug1: match: OpenSSH_5.1p1 Debian-5ubuntu1 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_5.1p1 Debian-5ubuntu1
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: server->client aes128-cbc hmac-md5 none
    debug1: kex: client->server aes128-cbc hmac-md5 none
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    debug1: Host 'ec2-174-129-185-190.compute-1.amazonaws.com‘ is known and matches the RSA host key.
    debug1: Found key in /home/default/.ssh/known_hosts:11
    debug1: ssh_rsa_verify: signature correct
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey
    debug1: Next authentication method: publickey
    debug1: Trying private key: ec2-keypair.pem
    debug1: read PEM private key done: type RSA
    debug1: Authentications that can continue: publickey
    debug1: No more authentication methods to try.
    Permission denied (publickey).

可能是什么问题以及如何使其发挥作用?


阅读 69

收藏
2022-04-20

共1个答案

小编典典

对于 Ubuntu 实例:

chmod 600 ec2-keypair.pem
ssh -v -i ec2-keypair.pem ubuntu@ec2-174-129-185-190.compute-1.amazonaws.com

对于其他情况,您可能必须使用ec2-user而不是ubuntu.

我使用的大多数 EC2 Linux 映像默认只创建了 root 用户。

另见:http
://www.youtube.com/watch?v=WBro0TEAd7g

2022-04-20