用户报告他们无法通过SSH进入AWS中的EC2实例? [英] User is reporting that they've unable to SSH into an EC2 instance in AWS?
问题描述
用户正在执行以下操作:
The user's are doing the following:
$ ssh -i /Users/user1/key.pem centos@10.12.10.10
尝试访问时收到的错误消息如下:
The error message received while trying to access is as follows:
$ ssh -i /Users/user1/key.pem centos@10.12.10.10
centos@10.12.10.10 : Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
推荐答案
AWS支持人员提出了针对此特定问题的新颖解决方案,由于以前没有见过,我不得不在这里分享它.过去,大多数同事使用的方法都是围绕实例停止操作,然后将附加到该实例的EBS卷作为辅助卷安装到另一个EC2实例,然后根据需要安装和编辑它.
A novel solution to this particular problem was presented by the AWS support and I felt compelled to share it here, since I hadn't seen it previously. In the past the method most of my colleagues have used revolved around stopping the instance and then mounting the EBS volume attached to it to another EC2 instance as a secondary volume and then mount it and edit it as needed.
这些方法介绍了传统方法:
These howtos show that traditional method:
- https://n2ws.com/Blog/how-to-guides/connect-aws-ebs-volume-another-instance
- AWS知识中心视频:如果丢失了我的EC2实例,如何恢复对我的EC2实例的访问权限SSH密钥对?
对我来说,这种新方法是利用 #userdata 在启动时在EC2实例中运行一系列命令.
This new method to me was to utilize #userdata to for a sequence of commands to run within the EC2 instance as it boots.
- 在开始之前,请创建您无法通过SSH插入到EC2的卷(卷ID:vol-XXXX)的快照,以防万一.快照本质上是卷的备份.您可以在此文档.
- 停止实例.
- 在控制台中,选择您的实例,然后转到Actions→实例设置→查看/更改用户数据
- 在用户数据"中,将信息放在下面:
#cloud-config
bootcmd:
- [ chmod, 700, /home/centos ]
- [ chmod, 700, /home/centos/.ssh ]
- [ chmod, 600, /home/centos/.ssh/* ]
- [ chmod, 600, /etc/ssh/ssh_host_*_key ]
- [ chmod, 711, /var/empty/sshd ]
- [ chmod, 600, /home/centos/.ssh/authorized_keys ]
- [ sh, -c, "chown -R centos:centos /home/centos" ]
- 启动您的实例.
实例重新启动后,尝试通过 ssh 访问实例.
Once the instance is restarted, attempt to access the instance via ssh.
- 上面的用户数据脚本将纠正实例本身内部的所有所有权和权限问题.
- 如果使用上述用户数据脚本后仍然遇到问题,请告诉我,我们会尽快与您联系.
- 如果先前的步骤可行,请重复步骤1-4,并从用户数据"框中删除内容,以避免该过程在每次实例重新启动时再次重复.
这篇关于用户报告他们无法通过SSH进入AWS中的EC2实例?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
