Ssh

通過 SSH 連接 Amazon EC2 的權限被拒絕(公鑰)

  • September 21, 2013

當我嘗試通過 SSH 連接時。沒關係,但經過我的一些操作:-[ 我已經下載了密鑰對,複製到 .ec2,chmod 到 600,ssh-keygen -y -f ~/.ec2/gsg-keypair > ~/.ec2/gsg -keypair.pub 我正在使用 MacOS。我認為權限有問題……但我已經嘗試了所有組合和所有建議)

.ec2/ ls -l
-rw-------@ 1 olegpasko staff 1692 Apr 2 02:26 gsg-keypair
-rw-r--r-- 1 olegpasko staff 381 Apr 2 10:55 gsg-keypair.pub

.ssh/ ls -l
-rw------- 1 olegpasko staff 1766 Jun 8 2012 github_rsa
-rw-r--r-- 1 olegpasko staff 398 Jun 8 2012 github_rsa.pub
-rw------- 1 olegpasko staff 398 May 25 2012 github_rsa.pub_bak-github
-rw------- 1 olegpasko staff 1766 May 25 2012 github_rsa_bak-github
-rw------- 1 olegpasko staff 1766 Jun 28 2012 id_rsa
-rw-r--r-- 1 olegpasko staff 401 Jun 28 2012 id_rsa.pub
drw------- 2 olegpasko staff 68 Jun 28 2012 key_backup
-rw-------@ 1 olegpasko staff 5218 Apr 2 02:29 known_hosts
-rw-------@ 1 olegpasko staff 5218 Mar 31 13:55 known_hosts.bak

嘗試連接:

ssh -i gsg-keypair root@ec2-54-247-7-28.eu-west-1.compute.amazonaws.com -v
OpenSSH_5.9p1, OpenSSL 0.9.8r 8 Feb 2011
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: Connecting to ec2-54-247-7-28.eu-west-1.compute.amazonaws.com http://54.247.7.28 port 22.
debug1: Connection established.
debug1: identity file gsg-keypair type 1
debug1: identity file gsg-keypair-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1
debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 43:81:01:0d:a6:ff:9d:85:48:18:97:7a:12:4a:16:27
debug1: Host 'ec2-54-247-7-28.eu-west-1.compute.amazonaws.com' is known and matches the RSA host key.
debug1: Found key in /Users/olegpasko/.ssh/known_hosts:13
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/olegpasko/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Offering RSA public key: gsg-keypair
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).

:(

您需要修復您的 sshd 配置。您可以按照http://aws.amazon.com/instance-help/#no-response的“EBS-Backed Instances :: Instance Recovery”部分執行此操作。

第 4 步:“更正舊根卷上的配置。” 是您需要取消操作 sshd_config 的地方。

由於實例和卷操作非常緩慢,您應該通過使用配置在不同埠上啟動 sshd 來測試您的去模糊化 sshd_config 是否有效。確保實例的安全組允許連接到該埠。

引用自:https://serverfault.com/questions/495389