your programing

Trying to SSH into an Amazon EC2 instance - permission error

lovepro 2020. 9. 30. 11:14

This is probably a stupidly simple question to some :)

I've created a new Linux instance on Amazon EC2, and as part of that downloaded the .pem file to allow me to SSH in.

When I tried to ssh with:

ssh -i myfile.pem <public dns>

I got:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for 'amazonec2.pem' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: amazonec2.pem
Permission denied (publickey).

Following this post I tried to chmod +600 the pem file, but now when I ssh I just get:

Permission denied (publickey).

What school-boy error am I making here? The .pem file is in my home folder (in osx). Its permissions look like this:

-rw-------@   1 mattroberts  staff    1696 19 Nov 11:20 amazonec2.pem

The problem is that the file has the wrong mode.

Easily solved by executing -

chmod 400 mykey.pem

Taken from Amazon's instructions -

Your key file must not be publicly viewable for SSH to work. Use this command if needed: chmod 400 mykey.pem


You may be using the wrong username to log in.

  • most Ubuntu images have a user ubuntu
  • Amazon's AMI is ec2-user
  • most Debian images have either root or admin

To log in, you need to adjust your ssh command:

ssh -l USERNAME_HERE -i .ssh/yourkey.pem public-ec2-host

HTH


I know this is very late to the game, but this always works for me.

Step 1

ssh-add ~/.ssh/KEY_PAIR_NAME.pem

Step 2, simply ssh in :)

ssh user_name@<instance public dns/ip>

Example:

ssh ec2-user@ec2-198-51-100-1.compute-1.amazonaws.com

Hope this helps someone.


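OK, the only thing that worked for me was:

  1. Change permissions of the key

    chmod 400 mykey.pem

  2. Make sure to log in using ec2-user and the correct ec2-99... address. The ec2-99 address is at the bottom of the AWS console when you're logged in and looking at your instance list.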

    ssh -i mykey.pem ec2-user@ec2-99-99-99-99.compute-1.amazonaws.com


Take a look at this article. You do not use the public DNS, but rather the form

ssh -i your.pem root@ec2-XXX-XXX-XXX-XXX.z-2.compute-1.amazonaws.com

where the name is visible in the AMI panel


Change permission for the key file with:

chmod 400 key-file-name.pem

See AWS documentation for connecting to the instance:

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EC2_GetStarted.html#EC2_ConnectToInstance_Linux


In Windows you can go to the properties of the pem file, go to the Security tab, then to the Advanced button.

Remove inheritance and all the permissions, then grant yourself full control. After all, SSL will not give you the same error again.


I know this question has been answered already but for those that have tried them all and you are still getting the annoying "Permission denied (publickey)". Try running your command with SUDO. Of course this is a temporary solution and you should set permissions correctly but at least that will let you identify that your current user is not running with the privileges you need (as you assumed)

sudo ssh -i amazonec2.pem ec2-xxx-xxx-xxx-xxx.us-west-2.compute.amazonaws.com

Once you do this you'll get a message like this:

Please login as the user "ec2-user" rather than the user "root"

Which is also sparsely documented. In that case just do this:

sudo ssh -i amazonec2.pem ec2-xxx-xxx-xxx-xxx.us-west-2.compute.amazonaws.com -l ec2-user

And you'll get the glorious:

   __|  __|_  )
   _|  (     /   Amazon Linux AMI
  ___|\___|___|

In Mac terminal, doing "chmod 400 xyz.pem" did not help me, it kept saying permission denied. For ubuntu users I would suggest

  1. ssh-add xyz.pem
  2. ssh -i xyz.pem ubuntu@ec2-54-69-172-118.us-west-2.compute.amazonaws.com (notice the user is ubuntu)

SSH keys and file permission best practices:

  • .ssh directory - 0700 (only by owner)
  • private key/.pem file - 0400 (read only by owner)
  • public key/.pub file - 0600 (read & write only by owner)

    chmod XXXX file/directory


ssh -i /.pem user@host-machine-IP

I think it's because either you have entered wrong credentials or, you are using a public key rather than private key or, your port permissions are open for ALL to ssh. This is bad for Amazon.


Alternative log-in using PuTTY. It's good but needs a few steps.

  1. Get your .pem that was generated when you first made the EC2 instance.
  2. Convert the .pem file to .ppk using PuttyGen since PuTTY does not read .pem.
  3. Open PuTTY and enter your Host Name which is your instance username + Public DNS (Ex. ubuntu@ec2-xxx-xxx-xxx-xxx.region.compute.amazonaws.com). Not your AWS account username.
  4. Then navigate to Connection > SSH > Auth. Then add your .ppk file. Click on Browse where it says "Private key file for authentication".
  5. Click Open and you should be able to immediately establish connection.

I'm using PuTTY 0.66 in Windows.


In addition to the other answers, here is what I did in order for this to work:

  • Copy the key to .ssh folder if you still hadn't:

cp key.pem ~/.ssh/key.pem

  • Give the proper permissions to the key

chmod 400 ~/.ssh/key.pem

eval `ssh-agent -s` ssh-add

  • Then, add the key

ssh-add ~/.ssh/key.pem

Now you should be able to ssh EC2 (:


Do a chmod 400 yourkeyfile.pem

If your instance is Amazon linux then use

ssh -i yourkeyfile.pem ec2-user@ip

for ubuntu

ssh -i yourkeyfile.pem ubuntu@ip

for centos

ssh -i yourkeyfile.pem centos@ip


There can be three reasons behind this error.

  1. You are using a wrong key.
  2. Your key doesn't have the correct permissions. You need to chmod it to 400.
  3. You are using the wrong user. Ubuntu images have a user ubuntu, Amazon's AMI is ec2-user and debian images have either root or admin

The issue for me was that my .pem file was in one of my NTFS partitions. I moved it to my linux partition (ext4).

Gave required permissions by running:

chmod 400 my_file.pem

And it worked.
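
The NTFS answer above and the permission list before it both rest on the same test ssh applies to a private key: no group or other permission bits may be set. The following is an added example, not code from any of the answers, that checks this and confirms that chmod really took effect; the function names key_mode, key_perm_ok and lock_key are made up for illustration.

```shell
#!/bin/sh
# Added example: check a private key's mode the way ssh judges it, and
# verify that chmod actually changed it. Function names are hypothetical.

# Print the octal permission bits of a file.
# GNU stat (Linux) is tried first, then BSD stat (macOS).
key_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Succeed only if no group/other bits are set (mode & 077 == 0).
# 0400 and 0600 both pass; 0644 fails with "too open".
key_perm_ok() {
    mode=$(key_mode "$1") || return 2
    [ $(( 0$mode & 077 )) -eq 0 ]
}

# Restrict the key to owner-read-only, then re-read the mode.
# On mounts that do not store POSIX modes (NTFS, FAT) chmod can return
# without changing anything, so the result is checked, not assumed.
lock_key() {
    chmod 400 "$1" 2>/dev/null
    if key_perm_ok "$1"; then
        echo "ok: $1 is mode $(key_mode "$1")"
    else
        echo "still too open: $1 is mode $(key_mode "$1")" >&2
        echo "move the key to a filesystem that stores POSIX permissions" >&2
        return 1
    fi
}

# Usage: sh check_key.sh path/to/key.pem
if [ $# -gt 0 ]; then
    lock_key "$1"
fi
```

If lock_key still reports the key as too open after chmod, the cause is the filesystem rather than the command, which matches the NTFS case described above.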


Well, looking at your post description I feel there were 2 mistakes done by you:-

  1. Set correct permissions for the private key. Below command should help you to set correct file permission.

    chmod 0600 mykey.pem

  2. Wrong ec2 user you are trying to login.

    Looking at your debug log I think you have spawned an Amazon linux instance. The default user for that instance type is ec2-user . If the instance would have been ubuntu then your default user would have been ubuntu .

    ssh -i privatekey.pem default_ssh_user@server_ip

Note:
   For an Amazon Linux AMI, the default user name is ec2-user.

   For a Centos AMI, the default user name is centos.

   For a Debian AMI, the default user name is admin or root.

   For a Fedora AMI, the default user name is ec2-user or fedora.

   For a RHEL AMI, the default user name is ec2-user or root.

   For a SUSE AMI, the default user name is ec2-user or root.

   For an Ubuntu AMI, the default user name is ubuntu.

   Otherwise, if ec2-user and root don't work, check with the AMI provider.

source: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AccessingInstancesLinux.html


Checklist:

  1. Are you using the right private key .pem file?

  2. Are its permissions set correctly? (My Amazon-brand AMIs work with 644, but Red hat must be at least 600 or 400. Don't know about Ubuntu.)

  3. Are you using the right username in your ssh line? Amazon-branded = "ec2-user", Red Hat = "root", Ubuntu = "ubuntu". User can be specified as "ssh -i pem username@hostname" OR "ssh -l username -i pem hostname"


Just change the permission of the pem file to 0600, allowing only the allowed user, and it will work like a charm.

sudo chmod 0600 myfile.pem

And then try to ssh it will work perfectly.

ssh -i myfile.pem <<ssh_user>>@<<server>>

By default, the permissions do not allow the pem key. You just have to change the permission:

chmod 400 xyz.pem

and if ubuntu instance then connect using:

ssh -i xyz.pem ubuntu@ec2-youraws.amazonaws.com


Key file should not be publicly viewable so use permission 400

chmod 400 keyfile.pem

If above command shows permission error use

sudo chmod 400 keyfile.pem

Now ssh into the ec2 machine, if you still face the issue, use ec2-user

ssh -i keyfile.pem ec2-user@ec2-12-34-56-78.compute-1.amazonaws.com


What fixed this for me was to move the .pem file within the app's directory. So say fooapp is the name of my app. I placed it directly in there.


Following are the simple steps for Linux user to connect with the server using .pem file:

Step1: Go to the location of pem file and copy it to home .ssh location.

cp example.pem ~/.ssh/example.pem

Step2: Change the permission

chmod 400 ~/.ssh/example.pem

Step3: Run the following command

ssh -i ~/.ssh/example.pem ec2-user@host.com

As this command is too long, you should create an alias for it using the following commands:

 vim ~/.bashrc

Write the same command in the following manner at the last.

alias sshConnect='ssh -i ~/.ssh/example.pem ec2-user@host.com'

Now restart your system and use sshConnect to connect with your server.


It is just a permission issue with your aws pem key.

Just change the permission of pem key to 400 using below command.

chmod 400 pemkeyname.pem

If you don't have permission to change the permission of a file you can use sudo like below command.

sudo chmod 400 pemkeyname.pem

I hope this should work fine.


I have seen two reasons behind this issue

1) access key does not have the right permission. pem keys with default permission are not allowed to make a secure connection. You just have to change the permission:

chmod 400 xyz.pem

2) Also check whether you have logged-in with proper user credentials. Otherwise, use sudo while connecting

sudo ssh -i {keyfile} ec2-user@{ip address of remote host}


Your key must not be publicly viewable for SSH to work. Use this command if needed:

chmod 400 Interview-apps.pem

Connect to your instance using its Public DNS:

ec2-**-***-***-***.us-west-2.compute.amazonaws.com

Example:

ssh -i "Interview-apps.pem" ec2-user@ec2-**-***-***-***.us-west-2.compute.amazonaws.com

Sometimes there may be an error in the folder. I do not know why...

You can change the folder and try again. For example, you can experiment in the usual (Desktop, Downloads and etc) folders.

I tried this method and worked


This error is only because of permission.

Just give the permission 600

#chmod 600 pemfilepath

Reference URL: https://stackoverflow.com/questions/8193768/trying-to-ssh-into-an-amazon-ec2-instance-permission-error