我想使用我的亚马逊ec2实例,但面临以下错误:
Permission denied (publickey).
我已经创建了密钥对并下载了.pem文件。
考虑到:
chmod 600 pem file.
然后,这条命令
ssh -i /home/kashif/serverkey.pem ubuntu@ec2-54-227-242-179.compute-1.amazonaws.com
但是有这样的错误:
Permission denied (publickey)
另外,我如何连接filezilla上传/下载文件?
我也犯过类似的错误
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: xxxx.pem
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
我的问题是,由于第3步的run-on- startup脚本上的错误,实例没有正确启动:在高级详细信息下配置实例详细信息:
我心里想的是:
# include
https://xxxx/bootstrap.sh
实际输入的内容会破坏实例设置
# include
https://xxxx/bootstrap.sh
因此没有创建实例端的公钥
在这种情况下,问题产生于密钥对丢失。关于这个:
无法更改实例上的密钥对。您必须创建一个使用新密钥对的新实例。
如果您的实例由Elastic Beanstalk上的应用程序使用,则可以解决这个问题。
你可以遵循以下步骤:
访问AWS管理控制台
打开弹性豆茎标签
从所有应用程序选项卡中选择您的应用程序
从左边menù选择配置
单击Instances Gear
在服务器表单中检查EC2密钥对输入并选择新的密钥对。您可能必须刷新列表才能看到刚刚创建的新密钥对。
保存
Elastic Beanstalk将为您创建与新密钥对关联的新实例。
通常,请记住必须允许EC2实例接受入站SSH通信。
为此,您必须为EC2实例的Security Group创建一个特定的规则。
您可以按照以下步骤进行操作。
Access to AWS Management Console
Open EC2 Tab
From Instances list select the instance you are interested in
In the Description Tab chek the name of the Security Group your instance is using.
Again in Description Tab click on View rules and check if your Security Group has a rule for inbound ssh traffic on port 22
If not, in Network & Security menù select Security Group
Select the Security Group used by your instance and the click Inbound Tab
On the left of Inbound Tab you can compose a rule for SSH inbound traffic:
Create a new rule: SSH
Source: IP address or subnetwork from which you want access to instance
Note: If you want grant unlimited access to your instance you can specify 0.0.0.0/0, although Amazon not recommend this practice
Click Add Rule and then Apply Your Changes
Check if you're now able to connect to your instance via SSH.
希望这能像帮助我一样帮助别人。
我挣扎着同样的权限拒绝错误显然是由于
key_parse_private2: missing begin marker
在我的情况下,原因是当前用户的ssh配置文件(~/.ssh/config)。
使用以下方法:
ssh -i ~/myKey.pem ec2-user@<IP address> -v 'exit'
初步输出结果显示:
debug1: Reading configuration data /home/ec2-user/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 56: Applying options for *
debug1: Hostname has changed; re-reading configuration
debug1: Reading configuration data /home/ec2-user/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
…许多调试线在这里切断…
debug1: Next authentication method: publickey
debug1: Trying private key: /home/ec2-user/somekey.pem
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
上面的第三行是实际发现问题的地方;然而,我在调试消息从底部(上面)四行,并被误导。钥匙没有问题,但我测试了一下,比较了其他配置。
我的用户ssh配置文件通过一个意外的全局设置重置主机,如下所示。第一行Host不应该是注释。
$ cat config
StrictHostKeyChecking=no
#Host myAlias
user ec2-user
Hostname bitbucket.org
# IdentityFile ~/.ssh/somekey
# IdentitiesOnly yes
Host my2ndAlias
user myOtherUser
Hostname bitbucket.org
IdentityFile ~/.ssh/my2ndKey
IdentitiesOnly yes
我希望这对其他人有帮助。
我也犯过类似的错误
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: xxxx.pem
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
我的问题是,由于第3步的run-on- startup脚本上的错误,实例没有正确启动:在高级详细信息下配置实例详细信息:
我心里想的是:
# include
https://xxxx/bootstrap.sh
实际输入的内容会破坏实例设置
# include
https://xxxx/bootstrap.sh
因此没有创建实例端的公钥