EC2实例不接受新的密钥对 - 权限被拒绝（公钥） [英] EC2 Instance not accepting new Key Pair - Permission Denied (Public Key)

问题描述

首先，我是一个新出生的AWS（开始寻找到前两天）。我的客户需要一个新的Drupal 6模块，我把它做了，我需要的是上传并设置一些东西。我的客户给了我一个用户名和密码，亚马逊，所以我想他们正在使用AWS。

我可以看到正在运行的实例，我也跟着亚马逊的文档添加一个新的密钥对，并添加我的自定义IP规则SSH访问。问题是，当我尝试通过ssh用一个非常简单和基本的命令来连接

 的ssh -i taskey.pem EC2用户@ EC-XXXX ...... amazonaws.com
 

的效应初探为

 权限被拒绝（公钥）。
 

我的环境萨特斯：

• 关联到正在运行的实例
在安全组我的IP地址存在的SSH规则
• 在新的密钥对添加到正在运行的实例
• key.pem文件有0600权限
• 在我知道这是一个CentOS的机器，因为当我平响应该网站的IP部分说，这是。因此，为什么我用的用户名EC2用户
• 以防万一，我也试着Ubuntu和根。

阅读周围的一些，似乎你不能只是神奇地添加新的密钥对到正在运行的实例。有一个现有的公共密钥我正在运行的实例，但被另一名工人在过去创建的，我无法与他们联系。

我的客户没有任何资料库，因此，你可以想像，为什么我不只是想的东西负荷。如果我打破它，一切都被丢失。

这<一href="http://stackoverflow.com/questions/10369547/amazon-ec2-lost-private-key-how-to-get-access-to-the-server">answer建议删除旧密钥对（一个我有没有.pem文件）。但我不知道是什么的那后果可能。

对不起，这样的noobness但我在赶时间，没有余地去尝试的事情。

在此先感谢。

修改

我选择了创建AMI ...的回答，只是因为这是一个我去了。我喜欢的是旧机器可以保持（关闭），如果出了什么差错所有我所要做的就是再次打开。我的问候安装和卸载硬盘了，投了其他可能的答案，因为它做的另一种方式，在某些情况下，唯一的办法。

遵循的步骤来实现的 SSH访问成功每一步的

1. 停止正在运行的实例
2. 从它创建一个AMI（右击并选择创建映像）
3. 一旦创建我启动它，并把它同具体的原始实例
4. 在我的新的密钥对供应它
5. 重新瞄准我的分配弹性IP（这是唯一的服务我，幸运的是很简单的）。又到
   弹性IP地址，看到了现有的（这不再有任何分配给它，因为原来的 比如被关停。用鼠标右键单击它并选择了副地址和选择新的运行 例如，从在列表中的关联创建的AMI。）
6. 在经过​​我的SSH访问它。

解决方案

您可以不是一个新的密钥对添加到正在运行的实例 - 像它说，在<一个href="http://stackoverflow.com/questions/10369547/amazon-ec2-lost-private-key-how-to-get-access-to-the-server#comment13365164_10369632">comments答案你点。

我怕，如果你无法与人谁拥有原始的质子交换膜文件，您将无法通过SSH连接到该计算机。

您的可以的从它创建一个 AMI 图像，然后创建一个新的机 AMI 与新的密钥对。在那里，你可以做你需要用它来新机器的所有更改，然后，点力所能及的服务。在验证新机是达到标准，你可以终止旧机。

First off, I'm a new-born with AWS (started looking into it two days ago). My client needs a new Drupal 6 module, I have it done, all I need is to upload it and set some things up. My client gave me a username and password for Amazon, so I figured they were using AWS.

I can see the Running Instance, and I've followed Amazon documentation to add a new Key Pair and also add my a custom IP rule for SSH access. Problem is, when I try to connect via ssh with a very simple and basic command

ssh -i taskey.pem ec2-user@ec-x-x-x-x...amazonaws.com

the reponse is

Permission denied (publickey).

Satus of my environment:

• Existing SSH rule for my IP address on the Security Group associated to the running Instance
• New Key Pair added to the running instance
• key.pem file has 0600 permission
• I know it's a Centos machine because when I ping the site's IP part of the response says it is. Hence why I use username ec2-user
• Just in case, I've also tried ubuntu and root.

Reading around some, it seems that you can't just magically add new Key Pairs to running instances. There is an existing public key for my running instance, but it was created in the past by another worker, and I can't contact them.

My client has no repository, hence, as you can imagine, why I'm not just trying loads of things. If I break it, everything gets lost.

This answer suggests to delete the old Key Pair (the one I have no .pem file for). But I don't know what the consequences of that might be.

Sorry for such noobness but I'm in a rush and have no room to try things.

Thanks in advance.

EDIT

I've chosen the "create an AMI..." answer, simply because it's the one I went for. I liked the fact that the old machine could be kept (shut down) and if anything went wrong all I had to do was turn it on again. I up-voted the other possible answer in regards to mounting and unmounting the hard drive, because it's another way of doing it and, in some cases, the only way.

Steps followed to achieve SSH ACCESS SUCCESSFULLY:

1. Stop running instance
2. Create an AMI from it (right click and choose Create Image)
3. Once that was created I launched it and gave it the same specifics as the original instance
4. Supply it with my new key-pair
5. Repointed my assigned elastic-IP (that's the only service I had, luckily very simple). Went to
   Elastic IPs, saw the existing one (which no longer had anything assigned to it since the original instance was shut down. Right clicked it and chose Associate Address and chose the new running instance from the created AMI in the Associate with list.)
6. Checked I had SSH access to it.

解决方案

You cannot add a new key pair to a running instance - like it says in the comments of the answer you point to.

I'm afraid that if you cannot contact a person who has the original .pem file you will not be able to connect to that machine via SSH.

You can create an AMI image from it, and create a new machine from that AMI with the new key-pair. There you could do all the changes you need, and then, point whatever services using it to the new machine. After you verify that the new machine is up to par, you can terminate the old machine.

这篇关于EC2实例不接受新的密钥对 - 权限被拒绝（公钥）的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！