服务器拒绝了我们的密钥,将authorized_keys权限设置为777 [英] Server refused our key, set authorized_keys perrmissions to 777
问题描述
我从ec2实例上的主目录中复制了一些文件,出于懒惰,我运行了命令sudo chmod 777/home/ec2-user/*.我猜这使我的.ssh文件夹成为可能,而且authorized_keys也具有777特权.事实证明,如果将authorized_keys设置为777,则无法使用这些密钥将SSH SSH到该框中(因为其他用户可能已经对其进行了更新).
I was copying some files from my home directory on my ec2 instance, and in a fit of laziness, I ran the command sudo chmod 777 /home/ec2-user/*. I guess this made my .ssh folder and possibly the authorized_keys have 777 privileges as well. Well it turns out that if authorized_keys is set to 777, you cannot SSH into the box with those keys (since another user could have updated it).
我的问题是,如何解决此问题并再次登录我的盒子?这是一个ec2实例,所以我必须ssh入.
My question is, how can I fix this and log into my box again? This is an ec2 instance, so I have to ssh in.
推荐答案
要更改权限,您需要访问实例内部的文件.
To Change permissions you'll need to access the files that are inside the Instance.
由于您无法在Instance中使用ssh,因此需要执行以下操作:
Since you can't ssh in the Instance you'll need to do the following things:
- 安排应用程序的停机时间,因为您需要停止实例.
- 备份实例存储(临时卷)中的所有内容.
- 停止实例.
- 从有问题的EC2实例中分离卷.
- 将卷附加到另一个正常工作的EC2实例.
- 将
chmod更改为您的.ssh目录及其文件. - 分离音量.
- 附加到有问题的EC2实例.
- 启动EC2实例.
- 尝试连接到EC2实例.
- Schedule a downtime for your application, because you'll need to stop the instance.
- Back-up everything inside the Instance Store(ephemeral volumes).
- Stop the instance.
- Detach the Volume from the EC2 instance in question.
- Attach the Volume to another working EC2 instance.
- Make the
chmodchanges to your .ssh directory and it's files. - Detach the volume.
- Attach to the EC2 instance in question.
- Start the EC2 Instance.
- Try Connecting to the EC2 instance.
请注意,如果您没有为实例配置弹性IP,则IP地址将更改.
Please note that if you don't have Elastic IP configured for the Instance, the IP address will change.
For more information about attaching volume to EC2 instance refer to this AWS Documentation.
这篇关于服务器拒绝了我们的密钥,将authorized_keys权限设置为777的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
