AWS ssh错误'Permission denied（publickey）'

2018-06-13 16:08:25

当我尝试ssh到我的AWS实例时，我得到'Permission denied（publickey）'。

搜索此问题的解决方案通常是确保.pem键具有'chmod 600'的正确权限。另一种解决方案是以root或ec2用户身份登录。我已经尝试了两种。

唯一的一点是，我可以使用相同的密钥并登录到较早的AWS实例，然后尝试登录我新创建的一个并获得权限被拒绝的错误。在AWS中都显示使用相同的“密钥对名称”。因此，如果他们的密钥对在AWS中是相同的，并且密钥在一个框中工作，那么为什么问题在另一个框中？

失败的盒子（同一把钥匙）

$ ssh -v -i .ssh/aws_match.pem root@52.23.xxx.xxx
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: Connecting to 52.23.xxx.xxx [52.23.xxx.xxx] port 22.
debug1: Connection established.
debug1: identity file .ssh/aws_match.pem type -1
debug1: identity file .ssh/aws_match.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1
debug1: match: OpenSSH_6.6.1 pat OpenSSH*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5-etm@openssh.com none
debug1: kex: client->server aes128-ctr hmac-md5-etm@openssh.com none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 5c:5b:54:a6:50:ec:3b:ba:aa:4f:00:2a:90:b3:a9:9b
debug1: Host '52.23.195.151' is known and matches the RSA host key.
debug1: Found key in /Users/pumphreyjj/.ssh/known_hosts:12
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: .ssh/aws_match.pem
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).

工作的盒子（同一把钥匙）

$ ssh -v -i .ssh/aws_match.pem root@54.84.xx.xxx
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: Connecting to 54.84.xx.xxx [54.84.xx.xxx] port 22.
debug1: Connection established.
debug1: identity file .ssh/aws_match.pem type -1
debug1: identity file .ssh/aws_match.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA f0:94:93:93:fa:1d:37:ec:6d:0a:22:78:2e:9c:d1:13
debug1: Host '54.84.81.152' is known and matches the RSA host key.
debug1: Found key in /Users/pumphreyjj/.ssh/known_hosts:3
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Trying private key: .ssh/aws_match.pem
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
Authenticated to 54.84.xx.xxx ([54.84.xx.xxx]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
Last login: Mon Nov  9 10:43:36 2015 from 128.231.xxx.xxx

我看到的唯一区别是OpenSSH版本，但是由AWS安装。我还没有改变盒子。

事实证明，旧的盒子是用特定的图像构建的，而且本地密钥已经上传到AWS了。无论出于何种原因，新盒子都无法使用该密钥。我通过为新盒子创建一个新密钥来解决这个问题，现在工作正常。

链接地址: http://www.djcxy.com/p/38979.html

上一篇: AWS ssh error 'Permission denied (publickey)'

下一篇: Permission denied while connecting Amazon EC2 with GIT trought SSH