AWS-公鑰在打開ssh時被拒絕

Question

我知道關於AWS和SSH會話存在很多問題，並且我嘗試使用它們，但是都失敗了。

我正在運行一個實例，並且EC2管理控制台給出的ssh字符串是

ssh -i -v jason.pem ubuntu@ec2-54-227-167-156.compute-1.amazonaws.com 

產生輸出

OpenSSH_5.9p1 Debian-5ubuntu1.1, OpenSSL 1.0.1 14 Mar 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to ec2-54-227-167-156.compute-1.amazonaws.com [54.227.167.156] port 22.
debug1: Connection established.
debug1: identity file jason.pem type -1
debug1: identity file jason.pem-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-    5ubuntu1
debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA ea:b6:50:fe:49:49:90:76:03:91:21:6d:73:0e:04:d2
debug1: Host 'ec2-54-227-167-156.compute-1.amazonaws.com' is known and matches the   ECDSA host key.
debug1: Found key in /home/jason/.ssh/known_hosts:27
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Trying private key: jason.pem
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).

我已經完成以下工作：

• 創建新的密鑰對，下載jason.pem並將其設置為0400 chmod權限
• 向/ etc / ssh / ssh_config添加了ChallengeResponseAuthentication yes

到底是什么情況，為什么jason.pem文件不被接受？

Answer 1

您實例上的公鑰與私鑰對不一致。 如果該實例的配置很重要並且您想要保留它（我說這是基於您關閉該實例而不是僅僅創建一個新實例的事實）：

1. 創建一個新的密鑰對
2. 創建要訪問的實例的AMI
3. 使用新的密鑰對從該AMI創建新實例
4. 嘗試使用新下載的密鑰對再次SSH

密鑰對應具有400個權限。