向 EC2 添加新密钥
我现在使用的是 Mac,之前我能够从 Windows XP 成功设置和访问 EC2 实例。我想创建一个新密钥以便从 Mac 进行访问,使用控制台管理屏幕生成新密钥,保存 PEM 文件,将文件权限更改为仅所有者 RW,然后尝试 ssh 但无法使其工作。这是我的命令
ssh -v -i .ssh/ec2-mac.pem [email protected]
这是详细的输出
OpenSSH_5.2p1, OpenSSL 0.9.8l 5 Nov 2009
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to ec2-204-236-143-254.us-west-1.compute.amazonaws.com http://204.236.143.254 port 22.
debug1: Connection established.
debug1: identity file .ssh/ec2-mac.pem type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'ec2-204-236-143-254.us-west-1.compute.amazonaws.com' is known and matches the RSA host key.
debug1: Found key in /Users/bob/.ssh/known_hosts:3
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /Users/bob/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: .ssh/ec2-mac.pem
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
有人知道我缺少什么吗?哦,我可以使用为该实例创建的原始密钥 ssh 进入另一个实例,这使得这更加令人费解。
使用 chmod 600 正确设置权限。我不确定的一件事是,当我列出实例时,在控制面板管理屏幕中,它只显示“密钥对名称”列中的原始值,是否应该同时显示两者?
提前感谢您的帮助。
I'm on a Mac now and previously I was able to set up and access an EC2 instance successfully from Windows XP. I want to create a new key for access from Mac, used the console management screen to generate a new key, saved the PEM file, changed permission on the file to owner RW only and then tried ssh but couldn't get it to work. Here's my command
ssh -v -i .ssh/ec2-mac.pem [email protected]
Here's the verbose output
OpenSSH_5.2p1, OpenSSL 0.9.8l 5 Nov 2009
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to ec2-204-236-143-254.us-west-1.compute.amazonaws.com http://204.236.143.254 port 22.
debug1: Connection established.
debug1: identity file .ssh/ec2-mac.pem type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'ec2-204-236-143-254.us-west-1.compute.amazonaws.com' is known and matches the RSA host key.
debug1: Found key in /Users/bob/.ssh/known_hosts:3
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /Users/bob/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: .ssh/ec2-mac.pem
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
Anyone know what I'm missing? Oh and I am able to ssh into a different instance with the original key created for that instance making this even more puzzling.
Permissions are set correctly using chmod 600. The one thing I'm not sure is in the control panel management screen when I list Instances, it only shows the original value in "Key Pair Name" column, should it show both?
Thanks for your help in advance.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您不需要为新操作系统创建新密钥。您可以在 MAC 中使用旧的 Windows XP 密钥。
另一点是,当您使用私钥启动实例时,您只能通过该私钥登录。新钥匙没有帮助。
问候,
桑克特·丹吉
You don't need to create new key for new operating system. You can make use of your old Windows XP key in MAC.
Another point is when you launch an instance with a private key, then you can only login through that key only. A new key won't help.
Regards,
Sanket Dangi