在 AWS VPC 内自由 SSH [英] SSH freely inside AWS VPC

问题描述

如何在 VPC 中配置我的 EC2 机器，使其能够在没有密码或密钥的情况下进行 ssh?

How do I configure my EC2 machines inside a VPC to be able to ssh without password or key between them?

我想要做的是访问一台机器(它有一个公共 IP)，然后从这台机器上自由访问所有其他机器.

What i'm trying to do is access one machine (which has a public IP) and from this machine access all others freely.

有可能吗?

推荐答案

首先，您的 VPC 中的所有机器都需要设置为接受来自您本地机器的密钥 - 是手动分发还是使用由您决定一个自动化工具，例如 Chef 可以为您执行此操作.

Firstly all the machines in your VPC need to be set up to accept the key from your local machine - it's up to you whether you distribute this manually, or use an automated tool such as Chef to do this for you.

接下来你需要在你的本地机器上运行一个 ssh-agent，并给它你的密钥.基本上，这位于后台并在您的 ssh 客户端需要时分发密钥.在 Windows 上，您可以使用 Pageant，它与 PuTTY 配合得很好.如果您使用的是 Linux，则需要运行 ssh-agent，并使用 ssh-add 为其提供密钥.请注意，完全可以自动运行 ssh-agent，因此您仍然可以使用脚本 - 我按照 这个.

Next you need to run an ssh-agent on your local machine, and give it your keys. basically this sits in the background and hands out keys whenever your ssh client needs them. On Windows you can use Pageant, which plays nicely with PuTTY. If you're using Linux, you'll need to run ssh-agent, and use ssh-add to give it your keys. Note that it's perfectly possible to run the ssh-agent automatically, so you can still use scripts - I set mine up following this.

最后，当您与公开可见的 AWS 服务器建立初始连接时，您需要允许 SSH 代理转发.在 PuTTY 中，您可以在 SSH/Auth/Allow agent forwarding 下执行此操作(确保不要指定私钥文件).从 Linux 命令行，您需要编辑您的 ~/.ssh/config 文件.在这里

Finally, you need to allow SSH agent forwarding when you make the initial connection to your publicly visible AWS server. In PuTTY you do this under SSH / Auth / Allow agent forwarding (Make sure you don't specify a private key file). From a Linux command line, you need to edit your ~/.ssh/config file. There's a good guide on setting this up here

这篇关于在 AWS VPC 内自由 SSH的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！