Amazon EC2公钥错误

Question

I had a developer working on my app prior to now. I am taking over the project, as he is now out of the country, and can't get an SSH connection established. I keep getting a publickey error.

Steps taken:

- Created new key pair  
- Downloaded .pem file  
- Set chmod 400 on .pem file  
- ssh -vvv -i ~/.ssh/steve.pem ubuntu@instance ip

Verbose output ended with:

debug2: we sent a publickey packet, wait for reply  
debug1: Authentications that can continue: publickey  
debug2: we did not send a packet, disable method  
debug1: No more authentication methods to try.  
Permission denied (publickey).  

What am I doing wrong?

Answer 1

You can't create a new key pair to access an existing instance. The keypair selected is only installed on the instance when its launched, any additional keys have to be added to the instance directly.

If you need to add a new key to an existing instance, you can do the following:

1. Stop your instance.
2. Detach the root volume.
3. Attach to a new instance as a secondary volume and mount the volume.
4. Update the ~/.ssh/authorized_keys file for the user you are trying to login with. You would put your new public key in this file.
5. Unmount the volume, and reattach it to the original instance.

If you did everything right, you will be able to access the instance after you restart. Unless your in VPC your ip will change when you stop the instance.

Answer 2

I agree with datasage's answer. Another way to get access is to create an AMI image of the current instance and then launch a new instance from that image. When you launch the new instance, you will have the option to create a new key pair or to use an existing one.

Once you can connect to the new instance, you can reassign the Elastic IP (if any) of the old instance to the new one and just terminate the old instance.