我的服务器有 *.pem 和 *.ppk 文件,我尝试使用它们通过 ssh 进入。但它显示权限被拒绝。我为此记录了详细日志。但我不明白为什么它说权限被拒绝。它被分发给其他人,他们能够使用相同的密钥从 Windows 登录。但我无法从我的 ubuntu 登录。我在这里列出了我的步骤 L
下载的 ppk 和 ppm 文件移至 .ssh 文件夹然后
chmod 400 *.ppm
chmod 400 *.ppk
chown $USER:$USER *.ppk
chown $USER:$USER *.ppm
ssh -i -v *.ppm [email protected]
然后是调试:
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to ip.ip.ip.ip [ip.ip.ip.ip] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file *.pem type -1
debug1: identity file *.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 pat OpenSSH_6.6.1* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr [email protected] none
debug1: kex: client->server aes128-ctr [email protected] none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA AA:BB:CC:99:92:67:90:78:56:vv:tt:9l:6y:c7g:67:78
debug1: Host 'ip.ip.ip.ip' is known and matches the ECDSA host key.
debug1: Found key in /root/.ssh/known_hosts:3
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: *.pem
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey)
如果需要任何其他详细信息,请告诉我。
答案1
返回并查看 .pem 文件的实际文本。它必须看起来像这样:
-----BEGIN RSA PRIVATE KEY-----
.
. (20 odd lines of key)
.
-----END RSA PRIVATE KEY-----
它抱怨“开始标记”,所以你删除或更改了它吗?建议重新复制。.ppk 通常用于 PuTTY,尤其是在 Windows 中。
编辑,采取 II
我只能建议你看一下十六进制转储,然后你可能需要重新生成。如果是 .pem 文件,也请将其命名为 .pem,并将其放在启动的同一文件夹中 (~ ?),或者指定路径。(~/.ssh/xxxx.pem)。
在服务器~/.ssh/authorized_keys 文件夹是常规的,但从客户端的命令行来看,.pem 文件可以位于任何地方。
答案2
假设您的 EC2 Ubuntu 映像的公共 IP 是:52.12.12.0,因为它是一个 Ubuntu 实例,因此它将起作用:
ssh -i .ssh/你的文件名.pem[电子邮件保护]