ssh来AWS权限被拒绝（公钥）使用Ubuntu @为什么会失败？ [英] ssh to aws permission denied (public key) using ubuntu@ why is it failing?

问题描述

似乎并没有我可以使用SSH连接到AWS虽然我通常不会有github上或Heroku的任何问题。调试低于，我试过@ubuntu和@ EC2用户（它应该是@ubuntu），我也试着创造的.ssh一个配置文件（Windows），并加入ChallengeResponse验证是因为这似乎将其固定到另一个线程，但没有运气。我修改the.pem文件的权限为400。我不明白为什么它说，这一切听起来很正面的，但随后失败，如果我能得到一个更好的想法是什么，我可能是错误能够找到一个解决方案。任何帮助非常AP preciated！

  $的ssh -v -i futurebot2.pem ubuntu@ec2-54-218-75-37.us-west-2.compute.amazonaws.com
OpenSSH_6.2p2，OpenSSL的1.0.1e二〇一三年二月一十一日
DEBUG1：读取配置数据/home/Mark/.ssh/config
DEBUG1：连接到ec2-54-218-75-37.us-west-2.compute.amazonaws.com [54.218.75.37]端口22。
DEBUG1：连接建立。
DEBUG1：标识文件futurebot2.pem类型-1
DEBUG1：标识文件futurebot2.pem证书类型-1
DEBUG1：启用兼容模式协议2.0
DEBUG1：本地版本字符串SSH-2.0-OpenSSH_6.2
DEBUG1：远程协议版本2.0，远程软件版本OpenSSH_5.9p1 Debian的5ubuntu1
DEBUG1：比赛：OpenSSH_5.9p1 Debian的5ubuntu1拍OpenSSH_5 *
DEBUG1：SSH2_MSG_KEXINIT发
DEBUG1：收到SSH2_MSG_KEXINIT
DEBUG1：KEX：服务器 - ＆GT;客户AES128-CTR HMAC-MD5无
DEBUG1：KEX：客户 - ＆GT;服务器AES128-CTR HMAC-MD5无
DEBUG1：发送SSH2_MSG_KEX_ECDH_INIT
DEBUG1：期待SSH2_MSG_KEX_ECDH_REPLY
DEBUG1：服务器主机密钥：ECDSA F2：CD：94：4D：A1：9A：B5：67：CB：F7：91：D7：EF：4D：A4：3D
DEBUG1：主机'ec2-54-218-75-37.us-west-2.compute.amazonaws.com'是已知的和ECDSA主机密钥相匹配。
DEBUG1：在/home/Mark/.ssh/known_hosts:1找到关键
DEBUG1：ssh_ecdsa_verify：签名正确
DEBUG1：SSH2_MSG_NEWKEYS发
DEBUG1：期待SSH2_MSG_NEWKEYS
收到SSH2_MSG_NEWKEYS：DEBUG1
DEBUG1：由服务器不允许漫游
DEBUG1：SSH2_MSG_SERVICE_REQUEST SENT
DEBUG1：收到SSH2_MSG_SERVICE_ACCEPT
DEBUG1：身份验证，可以继续：公钥
DEBUG1：下一个身份验证方法：公钥
DEBUG1：尝试私钥：futurebot2.pem
DEBUG1：读PEM私钥进行：输入RSA
DEBUG1：身份验证，可以继续：公钥
DEBUG1：没有更多的认证方法去尝试。
权限被拒绝（公钥）。
 

解决方案

两个原因，这可能会发生。

1. 该用户不存在，这可能是由于使用了错误的用户或实例，是不是连你自己的（错误的IP地址）

2. 该用户没有你的钥匙在其授权密钥文件。在AWS，您在启动选择项添加到您的实例，但如果你想使用其他的按键，你需要将它们添加到您手动的authorized_keys 文件。

I can't seem to use SSH to connect to AWS although I don't usually have any problems with github or heroku. The debug is below, I've tried @ubuntu and @ec2-user (it should be @ubuntu), I've also tried creating a config file in .ssh (on windows) and adding 'ChallengeResponseAuthentication yes' as that seemed to fix it on another thread, but no luck. I've modified the permissions of the.pem file to 400. I don't understand why it says it all sounds positive but then fails, if I could get a better idea of what the error is I might be able to find a solution. Any help very much appreciated!

$ ssh -v -i futurebot2.pem ubuntu@ec2-54-218-75-37.us-west-2.compute.amazonaws.com
OpenSSH_6.2p2, OpenSSL 1.0.1e 11 Feb 2013
debug1: Reading configuration data /home/Mark/.ssh/config
debug1: Connecting to ec2-54-218-75-37.us-west-2.compute.amazonaws.com [54.218.75.37] port 22.
debug1: Connection established.
debug1: identity file futurebot2.pem type -1
debug1: identity file futurebot2.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1
debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1 pat OpenSSH_5*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA f2:cd:94:4d:a1:9a:b5:67:cb:f7:91:d7:ef:4d:a4:3d
debug1: Host 'ec2-54-218-75-37.us-west-2.compute.amazonaws.com' is known and matches the ECDSA host key.
debug1: Found key in /home/Mark/.ssh/known_hosts:1
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: futurebot2.pem
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).

解决方案

Two reasons why this might happen.

1. User does not exist, this might be due to connecting with the wrong user or an instance that is not your own (wrong ip address)

2. The user does not have your key in its authorized keys file. In AWS, the key you select at launch is added to your instance, but if you want to use other keys, you need to add them to your authorized_keys file manually.

这篇关于ssh来AWS权限被拒绝（公钥）使用Ubuntu @为什么会失败？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！