Ubuntu Amazon实例不再允许使用私钥登录
我已经经历了这么多这样的问题,但没有一个有效,但我也可以确定这是什么时候发生的,这样我就可以添加另一层的细节 大多数解决方案表明,询问者是:Ubuntu Amazon实例不再允许使用私钥登录,ubuntu,amazon-web-services,ssh,Ubuntu,Amazon Web Services,Ssh,我已经经历了这么多这样的问题,但没有一个有效,但我也可以确定这是什么时候发生的,这样我就可以添加另一层的细节 大多数解决方案表明,询问者是: 使用不正确的键 用户名不正确。这是一个Ubuntu映像,我尝试了“Ubuntu”、“ec2用户”和我在机器上为自己创建的新用户名。没有工作;都是相同的错误消息 任何一个实例都建议尝试:ssh-i kename.pemusername@host-vvv,这是我过去一直采用的方式。。。。直到我重新整理了我的客户机。从那以后,我得到了附加的ssh跟踪 我已经尝试
ssh-i kename.pemusername@host-vvv
,这是我过去一直采用的方式。。。。直到我重新整理了我的客户机。从那以后,我得到了附加的ssh跟踪
我已经尝试了第二级尝试,从我被锁定的服务器创建一个AMI,启动一个新实例,创建一个新密钥,并尝试登录到新实例。那里运气不好
所以,我的问题是:旧机器上是否有某种东西,可能是我的公钥或其他东西,我不再拥有,因此无法连接到任何实例?我的印象是,您只需要私钥进行身份验证。除了使用SSH协议登录机器之外,我对SSH协议的了解非常少,下面的跟踪似乎没有给我任何提示,说明这在哪里会发生故障,除了“debug1:服务器不允许漫游”,但这可能与此无关,而且我正在做比它更重要的事情
我希望这个问题的重新想象部分能为这个问题提供一些其他的线索
OpenSSH_5.9p1, OpenSSL 1.0.0e 6 Sep 2011
debug2: ssh_connect: needpriv 0
debug1: Connecting to **hostname** [**hostname**] port 22.
debug1: Connection established.
debug1: identity file /.ssh/id_rsa type -1
debug1: identity file /.ssh/id_rsa-cert type -1
debug1: identity file /.ssh/id_dsa type -1
debug1: identity file /.ssh/id_dsa-cert type -1
debug1: identity file /.ssh/id_ecdsa type -1
debug1: identity file /.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1.4
debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1.4 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9
debug2: fd 100 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: zlib@openssh.com,zlib,none
debug2: kex_parse_kexinit: zlib@openssh.com,zlib,none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 zlib@openssh.com
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 zlib@openssh.com
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA ea:b9:58:59:16:ff:cc:89:72:50:ab:f7:8f:40:ef:3b
The authenticity of host '**hostname** (**hostname**)' can't be established.
ECDSA key fingerprint is ea:b9:58:59:16:ff:cc:89:72:50:ab:f7:8f:40:ef:3b.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '**hostname**' (ECDSA) to the list of known hosts.
debug1: ssh_ecdsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /.ssh/id_rsa (0x0)
debug2: key: /.ssh/id_dsa (0x0)
debug2: key: /.ssh/id_ecdsa (0x0)
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /.ssh/id_rsa
debug1: could not open key file '/.ssh/id_rsa': Invalid argument
debug1: Trying private key: /.ssh/id_dsa
debug1: could not open key file '/.ssh/id_dsa': Invalid argument
debug1: Trying private key: /.ssh/id_ecdsa
debug1: could not open key file '/.ssh/id_ecdsa': Invalid argument
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey).
OpenSSH_5.9p1、OpenSSL 1.0.0e 2011年9月6日
debug2:ssh\u connect:needpriv 0
debug1:连接到**主机名**[**主机名**]端口22。
debug1:已建立连接。
debug1:identity file/.ssh/id\u rsa类型-1
debug1:identity file/.ssh/id\u rsa-cert类型-1
debug1:identity file/.ssh/id_dsa类型-1
debug1:identity file/.ssh/id_dsa-cert类型-1
debug1:identity file/.ssh/id_ecdsa type-1
debug1:identity file/.ssh/id_ecdsa-cert type-1
debug1:远程协议版本2.0,远程软件版本OpenSSH_5.9p1 Debian-5ubuntu1.4
debug1:match:OpenSSH_5.9p1 Debian-5ubuntu1.4 pat OpenSSH*
debug1:启用协议2.0的兼容模式
debug1:本地版本字符串SSH-2.0-OpenSSH_5.9
调试2:fd 100设置O_非块
debug1:SSH2\u MSG\u KEXINIT已发送
debug1:SSH2\u MSG\u KEXINIT已收到
debug2:kex_parse_kexinit:ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2:kex_parse_kexinit:ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh rsa证书-v01@openssh.com,ssh-dss证书-v01@openssh.com,ssh rsa证书-v00@openssh.com,ssh-dss证书-v00@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh rsa,ssh dss
debug2:kex_parse_kexinit:aes128 ctr、aes192 ctr、aes256 ctr、arcfour256、arcfour128、aes128 cbc、3des cbc、河豚cbc、cast128 cbc、aes192 cbc、aes256 cbc、arcfour、rijndael-cbc@lysator.liu.se
debug2:kex_parse_kexinit:aes128 ctr、aes192 ctr、aes256 ctr、arcfour256、arcfour128、aes128 cbc、3des cbc、河豚cbc、cast128 cbc、aes192 cbc、aes256 cbc、arcfour、rijndael-cbc@lysator.liu.se
debug2:kex_parse_kexinit:hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2:kex_parse_kexinit:hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2:kex_parse_kexinit:zlib@openssh.com,zlib,无
debug2:kex_parse_kexinit:zlib@openssh.com,zlib,无
debug2:kex_parse_kexinit:
debug2:kex_parse_kexinit:
debug2:kex_parse_kexinit:first_kex_跟随0
debug2:kex_parse_kexinit:保留0
debug2:kex_parse_kexinit:ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2:kex_parse_kexinit:ssh rsa,ssh dss,ecdsa-sha2-nistp256
debug2:kex_parse_kexinit:aes128 ctr、aes192 ctr、aes256 ctr、arcfour256、arcfour128、aes128 cbc、3des cbc、河豚cbc、cast128 cbc、aes192 cbc、aes256 cbc、arcfour、rijndael-cbc@lysator.liu.se
debug2:kex_parse_kexinit:aes128 ctr、aes192 ctr、aes256 ctr、arcfour256、arcfour128、aes128 cbc、3des cbc、河豚cbc、cast128 cbc、aes192 cbc、aes256 cbc、arcfour、rijndael-cbc@lysator.liu.se
debug2:kex_parse_kexinit:hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2:kex_parse_kexinit:hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2:kex_parse_kexinit:none,zlib@openssh.com
debug2:kex_parse_kexinit:none,zlib@openssh.com
debug2:kex_parse_kexinit:
debug2:kex_parse_kexinit:
debug2:kex_parse_kexinit:first_kex_跟随0
debug2:kex_parse_kexinit:保留0
debug2:mac_安装程序:找到hmac-md5
debug1:kex:server->client aes128 ctr hmac-md5zlib@openssh.com
debug2:mac_安装程序:找到hmac-md5
debug1:kex:客户端->服务器aes128 ctr hmac-md5zlib@openssh.com
debug1:发送SSH2\u MSG\u KEX\u ECDH\u INIT
debug1:需要SSH2\u MSG\u KEX\u ECDH\u回复
debug1:服务器主机密钥:ECDSA ea:b9:58:59:16:ff:cc:89:72:50:ab:f7:8f:40:ef:3b
无法建立主机“**主机名**(**主机名**)”的真实性。
ECDSA密钥指纹是ea:b9:58:59:16:ff:cc:89:72:50:ab:f7:8f:40:ef:3b。
是否确实要继续连接(是/否)?对
警告:已将“**主机名**”(ECDSA)永久添加到已知主机列表中。
debug1:ssh\u ecdsa\u验证:签名正确
debug2:kex_派生_键
debug2:设置新键:模式