如何通过ssh连接到AWS实例?

我有:

Signed up at AWS; Created a public key and a certificate at AWS website and saved them to disk; Went to my console and created environment variables: $ export JAVA_HOME=/usr/lib/jvm/java-6-openjdk/ $ export EC2_CERT=/home/default/aws/cert-EBAINCRNWHDSCWWIHSOKON2YWGJZ5LSQ.pem $ export EC2_PRIVATE_KEY=/home/default/aws/pk-EBAINCRNWHDSCWWIHSOKON2YWGJZ5LSQ.pem Told AWS API to use this keypair and saved the keypair to file: $ ec2-add-keypair ec2-keypair > ec2-keypair.pem Started an AWS Ubuntu 9 instance using this keypair: $ ec2-run-instances ami-ed46a784 -k ec2-keypair Attempted to establish a ssh connection to the instance: $ ssh -v -i ec2-keypair.pem ubuntu@ec2-174-129-185-190.compute-1.amazonaws.com OpenSSH_5.1p1 Debian-5ubuntu1, OpenSSL 0.9.8g 19 Oct 2007 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to ec2-174-129-185-190.compute-1.amazonaws.com [174.129.185.190] port 22. debug1: Connection established. debug1: identity file ec2-keypair.pem type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1p1 Debian-5ubuntu1 debug1: match: OpenSSH_5.1p1 Debian-5ubuntu1 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.1p1 Debian-5ubuntu1 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-cbc hmac-md5 none debug1: kex: client->server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 'ec2-174-129-185-190.compute-1.amazonaws.com' is known and matches the RSA host key. debug1: Found key in /home/default/.ssh/known_hosts:11 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Trying private key: ec2-keypair.pem debug1: read PEM private key done: type RSA debug1: Authentications that can continue: publickey debug1: No more authentication methods to try. Permission denied (publickey). What could be the problem and how to make it work?


当前回答

它的ec2-user用于Amazon Linux AMI, ubuntu用于ubuntu映像。 此外,RHEL 6.4和更高版本的ec2-user RHEL 6.3及更早版本的root Fedora ec2-user Centos的根

其他回答

我也遇到了这个问题——原来我使用的是社区创建的AMI——默认用户名是niehter root,也不是ect-user或ubuntu。事实上,我不知道它是什么,直到我尝试了“root”,服务器好心地让我以xxx的身份登录,其中xxx是它告诉你的任何东西。

干杯!

只是给这个列表加了一条。今天早上,我遇到了一个刚添加到AWS EC2实例的新用户的麻烦。直截了当地说,问题出在selinux(它处于强制模式)上,而且我的用户主目录位于新的EBS附加卷上。我猜selinux不喜欢另一卷。我花了一段时间才弄清楚,因为我查看了所有其他常见的ssh问题(/etc/ssh/sshd_config是好的,当然不允许密码,权限是正确的,等等)。

这是固定的吗?

目前(直到我理解如何允许用户ssh到不同的卷,或者以某种方式使该卷成为真正的主目录点):

sudo perl -pi -e 's/^SELINUX=enforcing/SELINUX=permissive/' /etc/selinux/config
sudo setenforce 0

就是这样。现在我的新用户可以使用他自己的id_rsa密钥登录。

使用……

# chmod 400 ec2-keypair.pem

不要使用600权限,否则可能会意外覆盖您的密钥。

如果您正在从Bitnami运行AWS映像。用户名是bitnami。干杯!

查看我的调试并查看最后一个:

*

ssh -v -i awsliferaysrta.pem.txt root@54.254.250.***
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: Connecting to 54.254.250.*** [54.254.250.***] port 22.
debug1: Connection established.
debug1: identity file awsliferaysrta.pem.txt type -1
debug1: identity file awsliferaysrta.pem.txt-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1.1
debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1.1 pat OpenSSH_5*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 05:5c:78:45:c9:39:3a:84:fe:f8:19:5d:31:48:aa:5f
debug1: Host '54.254.250.***' is known and matches the RSA host key.
debug1: Found key in /Users/macbookpro/.ssh/known_hosts:2
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: awsliferaysrta.pem.txt
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
Authenticated to 54.254.250.*** ([54.254.250.***]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Remote: Port forwarding disabled.
debug1: Remote: Agent forwarding disabled.
debug1: Remote: X11 forwarding disabled.
debug1: Remote: Forced command.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
Please login as the user "bitnami" rather than the user "root".

*

在我的情况下(Mac OS X),问题是文件的中断类型。试试这个:

1.—使用TextWrangler打开。pem文件

2.-在应用程序底部,验证中断类型是否为“Windows(CRLF)”。