SSH连接到EC2实例
[英]SSH connect to EC2 instance
问题描述
I am trying to SSH to an EC instance. 
我正在尝试SSH到EC实例。
These are the steps I followed and below is the error I got. 这些是我遵循的步骤,下面是我得到的错误。
In the Amazon Console, I created a Key Pair and downloaded it
在Amazon Console中,我创建了一个密钥对并下载了它 Changed the permissions of that pem file to 400(as written here )
将该pem文件的权限更改为400(如此处所示 ) Went to the running instances in the console and got my Public DNS
进入控制台中正在运行的实例并获得我的公共DNS Added an inbound rule(SSH),0.0.0.0/0 to the group with description 'SecurityGroup for ElasticBeanstalk environment.'
在描述为“ ElasticBeanstalk环境的SecurityGroup”的组中添加了入站规则(SSH),0.0.0.0 / 0。 in the Security Groups tab in console 在控制台的“安全组”选项卡中 Executed this in console
ssh -i <>my_key_filename>.pem ec2-user@<Public DNS>在控制台ssh -i <>my_key_filename>.pem ec2-user@<Public DNS>执行此ssh -i <>my_key_filename>.pem ec2-user@<Public DNS>
And this is the output for that: 这是该输出:
OpenSSH_6.1p1 Debian-4, OpenSSL 1.0.1c 10 May 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to ec2-54-254-148-94.ap-southeast-1.compute.amazonaws.com [54.254.148.94] port 22.
debug1: Connection established.
debug1: identity file mykey.pem type -1
debug1: identity file mykey.pem-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.1p1 Debian-4
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA a1:2b:92:f6:cf:e3:ed:8a:60:0e:34:c0:27:24:6f:f7
The authenticity of host 'ec2-54-254-148-94.ap-southeast-1.compute.amazonaws.com (54.254.148.94)' can't be established.
RSA key fingerprint is a1:2b:92:f6:cf:e3:ed:8a:60:0e:34:c0:27:24:6f:f7.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ec2-54-254-148-94.ap-southeast-1.compute.amazonaws.com,54.254.148.94' (RSA) to the list of known hosts.
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: aws_key.pem
debug1: Authentications that can continue: publickey
debug1: Offering DSA public key: id_dsa
debug1: Authentications that can continue: publickey
debug1: Offering RSA public key: mailid@gmail.com
debug1: Authentications that can continue: publickey
debug1: Trying private key: mykey.pem
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
Also, the instance I am trying to connect to is an Amazon Linux instance. 另外,我尝试连接的实例是Amazon Linux实例。
1 个解决方案
解决方案1
1 已采纳 2014-02-03 10:27:15
From your comments below your question : it looks like the order of your steps where incorrect. 根据您的问题下方的评论:看起来您的步骤顺序不正确。
- First you need to create the keypair 首先,您需要创建密钥对
- then you need to tell ElasticBeanstak to use that key pair when it will start your instances 那么您需要告诉ElasticBeanstak在启动实例时使用该密钥对
Public keys are injected into the instances at first boot. 公钥在第一次启动时被注入实例。 It is not possible for AWS to change the keypair after the instance has been started - AWS has no technical way to connect to your instance. 实例启动后 ,AWS无法更改密钥对-AWS没有连接到您实例的技术方法。 (you can do it manually by upload files in ~/.ssh directory) (您可以通过上传~/.ssh目录中的文件来手动完成此操作)
To learn more about how to use keypair with ElasticBeanstalk, have a look at this screenshot 要了解有关如何将密钥对与ElasticBeanstalk一起使用的更多信息,请查看此屏幕截图
Or just create an .ebextensions directory with an application.config file containing 或者只是使用包含.ebextensions的application.config文件创建一个.ebextensions目录
- namespace: aws:autoscaling:launchconfiguration
option_name: EC2Keyname
value: "keyname"
More details about customising ElasticBeanstalk environment : http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customize-containers-ec2.html#customize-containers-format-options 有关自定义ElasticBeanstalk环境的更多详细信息: http ://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customize-containers-ec2.html#customize-containers-format-options
Possible values are listed here http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-as-launchconfig.html 此处列出了可能的值http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-as-launchconfig.html
More details about keypair can be found here : http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html 有关密钥对的更多详细信息,可以在这里找到: http : //docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html
--Seb -塞伯
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.