
Amazon Linux AMI ec2 instance Permission denied (Public key)

I have a recurring problem with one instance in AWS.

The problem is as follows:

The instance is an Amazon Linux AMI that contains a Tomcat 6 Server and also has an SFTP connection enabled.

We can connect via ssh without any problem, but suddenly, without any technical intervention, we stop being able to connect with ssh. The Tomcat is still available and the sftp connection is still on.

This problem has already happened sometimes and now is happening more frequently, and the post in AWS Forums resolves nothing.

The ssh traces are these:

OpenSSH_7.1p2, OpenSSL 1.0.1g 7 Apr 2014
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to xxx.xxx.xxx.xxx [xxx.xxx.xxx.xxx] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file xxxxxxxxxx.pem type -1
debug1: key_load_public: No such file or directory
debug1: identity file xxxxxxxxxx.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.2
debug1: match: OpenSSH_6.2 pat OpenSSH* compat 0x04000000
debug1: Authenticating to xxx.xxx.xxx.xxx:22 as 'ec2-user'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 zlib@openssh.com
debug1: kex: client->server aes128-ctr hmac-md5 zlib@openssh.com
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa     SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
debug1: Host 'xxx.xxx.xxx.xxx' is known and matches the RSA host key.
debug1: Found key in /home/mobaxterm/.ssh/known_hosts:21
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: xxxxxxxxx.pem
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).

The ssh configuration hasn't changed, the .pem file hasn't changed, the IP hasn't changed. We have tested it from different devices and the result is the same. We use the ec2-user properly.

Terminal, Moba Xterm, Jenkins, Putty, Pac Manager can't connect via ssh.

We have the same configuration in other instances and this is the only one that suffers this issue.

The instance is an r3.xlarge and it is located in us-east-1c; it is linked with a static IP.

Thanks a lot.

I don't know why, but there is something that is deleting the ec2-user's authorized_keys file (/home/ec2-user/.ssh/authorized_keys). If you have a copy of this file and create it again in the original instance, the problem will be solved.

Now I only need to know why this file was deleted, and how it happened.
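
The following bash functions are an added example, not part of the original answer: they check for the state the answer describes (a missing or unusable authorized_keys), restore the file from a copy, and set an auditd watch so the next deletion can be attributed to a process. The function names and the audit key `authkeys_change` are assumptions chosen for illustration.

```bash
#!/bin/bash
# Added example: server-side checks for "Permission denied (publickey)".

# check_authorized_keys HOME_DIR
# Prints MISSING_DIR, MISSING_FILE, EMPTY_FILE, BAD_PERMS or OK.
check_authorized_keys() {
    local home="$1"
    local ssh_dir="$home/.ssh"
    local file="$ssh_dir/authorized_keys"
    local p
    [ -d "$ssh_dir" ] || { echo MISSING_DIR; return 1; }
    [ -f "$file" ] || { echo MISSING_FILE; return 1; }
    [ -s "$file" ] || { echo EMPTY_FILE; return 1; }
    # With StrictModes (the sshd default) the key file is ignored when the home
    # directory, ~/.ssh or the file itself is writable by group or others.
    # File ownership is also checked by sshd but is not covered here.
    for p in "$home" "$ssh_dir" "$file"; do
        case "$(ls -ld "$p" | cut -c6,9)" in
            *w*) echo BAD_PERMS; return 1 ;;
        esac
    done
    echo OK
}

# restore_authorized_keys HOME_DIR BACKUP_FILE
# Run as the account owner (or chown the result to it afterwards) so that
# sshd can read the file on the user's behalf.
restore_authorized_keys() {
    local ssh_dir="$1/.ssh"
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
    install -m 600 "$2" "$ssh_dir/authorized_keys"
}

# watch_authorized_keys HOME_DIR   (needs root and auditd)
# Logs writes, deletes and attribute changes under ~/.ssh with the key
# "authkeys_change"; read the events back with: ausearch -k authkeys_change -i
watch_authorized_keys() {
    auditctl -w "$1/.ssh" -p wa -k authkeys_change
}
```

For the account in the question, the calls would be `check_authorized_keys /home/ec2-user` and `watch_authorized_keys /home/ec2-user`; the `exe`, `pid` and `auid` fields in the `ausearch` output identify what removed the file.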

Notice: the technical post pages on this site follow the CC BY-SA 4.0 license. If you need to republish them, please credit this site's URL or the original address. For any questions, contact: yoyou2525@163.com.