SSH連接到EC2實例

Question

我正在嘗試SSH到EC實例。

這些是我遵循的步驟，下面是我得到的錯誤。

1. 在Amazon Console中，我創建了一個密鑰對並下載了它

2. 將該pem文件的權限更改為400（如此處所示 ）

3. 進入控制台中正在運行的實例並獲得我的公共DNS

4. 在描述為“ ElasticBeanstalk環境的SecurityGroup”的組中添加了入站規則（SSH），0.0.0.0 / 0。 在控制台的“安全組”選項卡中

5. 在控制台ssh -i <>my_key_filename>.pem ec2-user@<Public DNS>執行此ssh -i <>my_key_filename>.pem ec2-user@<Public DNS>

這是該輸出：

OpenSSH_6.1p1 Debian-4, OpenSSL 1.0.1c 10 May 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to ec2-54-254-148-94.ap-southeast-1.compute.amazonaws.com [54.254.148.94] port 22.
debug1: Connection established.
debug1: identity file mykey.pem type -1
debug1: identity file mykey.pem-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.1p1 Debian-4
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA a1:2b:92:f6:cf:e3:ed:8a:60:0e:34:c0:27:24:6f:f7
The authenticity of host 'ec2-54-254-148-94.ap-southeast-1.compute.amazonaws.com (54.254.148.94)' can't be established.
RSA key fingerprint is a1:2b:92:f6:cf:e3:ed:8a:60:0e:34:c0:27:24:6f:f7.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ec2-54-254-148-94.ap-southeast-1.compute.amazonaws.com,54.254.148.94' (RSA) to the list of known hosts.
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: aws_key.pem
debug1: Authentications that can continue: publickey
debug1: Offering DSA public key: id_dsa
debug1: Authentications that can continue: publickey
debug1: Offering RSA public key: mailid@gmail.com
debug1: Authentications that can continue: publickey
debug1: Trying private key: mykey.pem
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).

另外，我嘗試連接的實例是Amazon Linux實例。

Answer 1

根據您的問題下方的評論：看起來您的步驟順序不正確。

• 首先，您需要創建密鑰對
• 那么您需要告訴ElasticBeanstak在啟動實例時使用該密鑰對

公鑰在第一次啟動時被注入實例。 實例啟動后 ，AWS無法更改密鑰對-AWS沒有連接到您實例的技術方法。 （您可以通過上傳~/.ssh目錄中的文件來手動完成此操作）

要了解有關如何將密鑰對與ElasticBeanstalk一起使用的更多信息，請查看此屏幕截圖

或者只是使用包含.ebextensions的application.config文件創建一個.ebextensions目錄

- namespace: aws:autoscaling:launchconfiguration   
  option_name: EC2Keyname   
  value: "keyname"   

有關自定義ElasticBeanstalk環境的更多詳細信息： http ://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customize-containers-ec2.html#customize-containers-format-options

此處列出了可能的值http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-as-launchconfig.html

有關密鑰對的更多詳細信息，可以在這里找到： http : //docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html

-塞伯