我必须更改实例上的密钥对。我已创建原始实例的 EBS AMI 映像,并使用该映像创建了新映像。我可以 ping 实例,但 ssh 连接被拒绝。
可能导致问题的一件事是,apache 上的我的 ssl 证书需要密码,因为这是我在系统日志中能看到的最后一件事。
系统日志:
Xen Minimal OS!
start_info: 0x1890000(VA)
nr_pages: 0x1e0000
shared_inf: 0xbf217000(MA)
pt_base: 0x1893000(VA)
nr_pt_frames: 0x11
mfn_list: 0x990000(VA)
mod_start: 0x0(VA)
mod_len: 0
flags: 0x0
cmd_line: root=/dev/sda1 ro 4
stack: 0x94f860-0x96f860
MM: Init
_text: 0x0(VA)
_etext: 0x5ffbd(VA)
_erodata: 0x78000(VA)
_edata: 0x80ae0(VA)
stack start: 0x94f860(VA)
_end: 0x98fe68(VA)
start_pfn: 18a7
max_pfn: 1e0000
Mapping memory range 0x1c00000 - 0x1e0000000
setting 0x0-0x78000 readonly
skipped 0x1000
MM: Initialise page allocator for 27a0000(27a0000)-1e0000000(1e0000000)
MM: done
Demand map pfns at 1e0001000-21e0001000.
Heap resides at 21e0002000-41e0002000.
Initialising timer interface
Initialising console ... done.
gnttab_table mapped at 0x1e0001000.
Initialising scheduler
Thread "Idle": pointer: 0x21e0002010, stack: 0x36f0000
Initialising xenbus
Thread "xenstore": pointer: 0x21e00027c0, stack: 0x3700000
Dummy main: start_info=0x96f960
Thread "main": pointer: 0x21e0002f70, stack: 0x3710000
"main" "root=/dev/sda1" "ro" "4"
vbd 2049 is hd0
******************* BLKFRONT for device/vbd/2049 **********
backend at /local/domain/0/backend/vbd/513/2049
Failed to read /local/domain/0/backend/vbd/513/2049/feature-barrier.
Failed to read /local/domain/0/backend/vbd/513/2049/feature-flush-cache.
16777216 sectors of 512 bytes
**************************
Press `ESC' to enter the menu... 4
Press `ESC' to enter the menu... 3
Press `ESC' to enter the menu... 2
Press `ESC' to enter the menu... 1
Press `ESC' to enter the menu... 0
[H
[J Booting '2.6.32-5-xen-amd64'
root (hd0)
Filesystem type is ext2fs, using whole disk
kernel /boot/vmlinuz-2.6.32-5-xen-amd64 root=/dev/xvda1 ro
initrd /boot/initrd.img-2.6.32-5-xen-amd64
close blk: backend at /local/domain/0/backend/vbd/513/2049
[ 0.000000] Initializing cgroup subsys cpuset
[ 0.000000] Initializing cgroup subsys cpu
[ 0.000000] Linux version 2.6.32-5-xen-amd64 (Debian 2.6.32-48squeeze1) ([email protected]) (gcc version 4.3.5 (Debian 4.3.5-4) ) #1 SMP Mon Feb 25 02:51:39 UTC 2013
[ 0.000000] Command line: root=/dev/xvda1 ro
[ 0.000000] KERNEL supported cpus:
[ 0.000000] Intel GenuineIntel
[ 0.000000] AMD AuthenticAMD
[ 0.000000] Centaur CentaurHauls
[ 0.000000] ACPI in unprivileged domain disabled
[ 0.000000] released 0 pages of unused memory
[ 0.000000] BIOS-provided physical RAM map:
[ 0.000000] Xen: 0000000000000000 - 00000000000a0000 (usable)
[ 0.000000] Xen: 00000000000a0000 - 0000000000100000 (reserved)
[ 0.000000] Xen: 0000000000100000 - 00000001e0000000 (usable)
[ 0.000000] DMI not present or invalid.
[ 0.000000] last_pfn = 0x1e0000 max_arch_pfn = 0x400000000
[ 0.000000] last_pfn = 0x100000 max_arch_pfn = 0x400000000
[ 0.000000] init_memory_mapping: 0000000000000000-0000000100000000
[ 0.000000] init_memory_mapping: 0000000100000000-00000001e0000000
[ 0.000000] RAMDISK: 0170a000 - 02fbb000
[ 0.000000] No NUMA configuration found
[ 0.000000] Faking a node at 0000000000000000-00000001e0000000
[ 0.000000] Bootmem setup node 0 0000000000000000-00000001e0000000
[ 0.000000] NODE_DATA [0000000000008000 - 000000000000ffff]
[ 0.000000] bootmap [0000000000010000 - 000000000004bfff] pages 3c
[ 0.000000] (8 early reservations) ==> bootmem [0000000000 - 01e0000000]
[ 0.000000] #0 [0000000000 - 0000001000] BIOS data page ==> [0000000000 - 0000001000]
[ 0.000000] #1 [0003ebe000 - 0003ee1000] XEN PAGETABLES ==> [0003ebe000 - 0003ee1000]
[ 0.000000] #2 [0000006000 - 0000008000] TRAMPOLINE ==> [0000006000 - 0000008000]
[ 0.000000] #3 [0001000000 - 00016e9b04] TEXT DATA BSS ==> [0001000000 - 00016e9b04]
[ 0.000000] #4 [000170a000 - 0002fbb000] RAMDISK ==> [000170a000 - 0002fbb000]
[ 0.000000] #5 [0002fbb000 - 0003ebe000] XEN START INFO ==> [0002fbb000 - 0003ebe000]
[ 0.000000] #6 [0000100000 - 00008df000] PGTABLE ==> [0000100000 - 00008df000]
[ 0.000000] #7 [0003ee1000 - 00045e5000] PGTABLE ==> [0003ee1000 - 00045e5000]
[ 0.000000] Zone PFN ranges:
[ 0.000000] DMA 0x00000000 -> 0x00001000
[ 0.000000] DMA32 0x00001000 -> 0x00100000
[ 0.000000] Normal 0x00100000 -> 0x001e0000
[ 0.000000] Movable zone start PFN for each node
[ 0.000000] early_node_map[2] active PFN ranges
[ 0.000000] 0: 0x00000000 -> 0x000000a0
[ 0.000000] 0: 0x00000100 -> 0x001e0000
[ 0.000000] SFI: Simple Firmware Interface v0.7 http://simplefirmware.org
[ 0.000000] SMP: Allowing 2 CPUs, 0 hotplug CPUs
[ 0.000000] No local APIC present
[ 0.000000] APIC: disable apic facility
[ 0.000000] PM: Registered nosave memory: 00000000000a0000 - 0000000000100000
[ 0.000000] PCI: Warning: Cannot find a gap in the 32bit address range
[ 0.000000] PCI: Unassigned devices with 32bit resource registers may break!
[ 0.000000] Allocating PCI resources starting at 1e0100000 (gap: 1e0100000:400000)
[ 0.000000] Booting paravirtualized kernel on Xen
[ 0.000000] Xen version: 3.4.3-2.6.18 (preserve-AD)
[ 0.000000] NR_CPUS:512 nr_cpumask_bits:512 nr_cpu_ids:2 nr_node_ids:1
[ 0.000000] PERCPU: Embedded 30 pages/cpu @ffff88000af4a000 s90392 r8192 d24296 u122880
[ 0.000000] pcpu-alloc: s90392 r8192 d24296 u122880 alloc=30*4096
[ 0.000000] pcpu-alloc: [0] 0 [0] 1
[44691177.425251] Xen: using vcpu_info placement
[44691177.425257] Built 1 zonelists in Node order, mobility grouping on. Total pages: 1937086
[44691177.425259] Policy zone: Normal
[44691177.425262] Kernel command line: root=/dev/xvda1 ro
[44691177.425278] PID hash table entries: 4096 (order: 3, 32768 bytes)
[44691177.425643] Initializing CPU#0
[44691177.425931] Checking aperture...
[44691177.432874] No AGP bridge found
[44691177.493621] Memory: 7626464k/7864320k available (3156k kernel code, 384k absent, 237472k reserved, 2068k data, 604k init)
[44691177.493677] SLUB: Genslabs=14, HWalign=64, Order=0-3, MinObjects=0, CPUs=2, Nodes=1
[44691177.493707] Hierarchical RCU implementation.
[44691177.493716] NR_IRQS:4352 nr_irqs:544
[44691177.493844] Console: colour dummy device 80x25
[44691177.493929] console [tty0] enabled
[44691177.494148] console [hvc0] enabled
[44691177.494179] installing Xen timer for CPU 0
[44691177.494219] Detected 2266.746 MHz processor.
[44691177.494229] Calibrating delay loop (skipped), value calculated using timer frequency.. 4533.49 BogoMIPS (lpj=9066984)
[44691177.494251] Security Framework initialized
[44691177.494259] SELinux: Disabled at boot.
[44691177.495283] Dentry cache hash table entries: 1048576 (order: 11, 8388608 bytes)
[44691177.497852] Inode-cache hash table entries: 524288 (order: 10, 4194304 bytes)
[44691178.155559] Mount-cache hash table entries: 256
[44691178.155717] Initializing cgroup subsys ns
[44691178.155724] Initializing cgroup subsys cpuacct
[44691178.155730] Initializing cgroup subsys devices
[44691178.155734] Initializing cgroup subsys freezer
[44691178.155739] Initializing cgroup subsys net_cls
[44691178.155776] CPU: L1 I cache: 32K, L1 D cache: 32K
[44691178.155781] CPU: L2 cache: 256K
[44691178.155784] CPU: L3 cache: 4096K
[44691178.155789] CPU 0/0x12 -> Node 0
[44691178.155793] CPU: Unsupported number of siblings 16
[44691178.155798] Performance Events: unsupported p6 CPU model 26 no PMU driver, software events only.
[44691178.155817] SMP alternatives: switching to UP code
[44691178.180976] installing Xen timer for CPU 1
[44691178.181023] SMP alternatives: switching to SMP code
[44691178.204958] Initializing CPU#1
[44691178.205002] CPU: L1 I cache: 32K, L1 D cache: 32K
[44691178.205003] CPU: L2 cache: 256K
[44691178.205004] CPU: L3 cache: 4096K
[44691178.205008] CPU 1/0x12 -> Node 0
[44691178.205010] CPU: Unsupported number of siblings 16
[44691178.788169] Brought up 2 CPUs
[44691178.788456] devtmpfs: initialized
[44691178.791553] Grant table initialized
[44691178.791564] regulator: core version 0.5
[44691178.791630] NET: Registered protocol family 16
[44691178.792305] PCI: setting up Xen PCI frontend stub
[44691178.792880] bio: create slab <bio-0> at 0
[44691178.792983] ACPI: Interpreter disabled.
[44691178.793009] xen_balloon: Initialising balloon driver with page order 0.
[44691178.793054] vgaarb: loaded
[44691178.793119] PCI: System does not support PCI
[44691178.793125] PCI: System does not support PCI
[44691178.793205] Switching to clocksource xen
[44691178.794506] pnp: PnP ACPI: disabled
[44691178.794791] NET: Registered protocol family 2
[44691178.795127] IP route cache hash table entries: 262144 (order: 9, 2097152 bytes)
[44691178.796796] TCP established hash table entries: 524288 (order: 11, 8388608 bytes)
[44691178.799236] TCP bind hash table entries: 65536 (order: 8, 1048576 bytes)
[44691178.799564] TCP: Hash tables configured (established 524288 bind 65536)
[44691178.799573] TCP reno registered
[44691178.799701] NET: Registered protocol family 1
[44691178.799777] Unpacking initramfs...
[44691178.827376] Freeing initrd memory: 25284k freed
[44691178.895904] PCI-DMA: Using software bounce buffering for IO (SWIOTLB)
[44691178.895924] DMA: Placing 64MB software IO TLB between ffff88000af8f000 - ffff88000ef8f000
[44691178.895930] DMA: software IO TLB at phys 0xaf8f000 - 0xef8f000
[44691178.896036] platform rtc_cmos: registered platform RTC device (no PNP device found)
[44691178.896293] audit: initializing netlink socket (disabled)
[44691178.896313] type=2000 audit(1365849617.234:1): initialized
[44691178.902395] HugeTLB registered 2 MB page size, pre-allocated 0 pages
[44691178.903580] VFS: Disk quotas dquot_6.5.2
[44691178.903635] Dquot-cache hash table entries: 512 (order 0, 4096 bytes)
[44691178.903708] msgmni has been set to 14944
[44691178.903939] alg: No test for stdrng (krng)
[44691178.903992] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 253)
[44691178.903999] io scheduler noop registered
[44691178.904002] io scheduler anticipatory registered
[44691178.904006] io scheduler deadline registered
[44691178.904066] io scheduler cfq registered (default)
[44691178.909379] registering netback
[44691178.910997] Linux agpgart interface v0.103
[44691178.911032] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled
[44691178.911212] input: Macintosh mouse button emulation as /devices/virtual/input/input0
[44691178.911254] PNP: No PS/2 controller found. Probing ports directly.
[44691178.912070] i8042.c: No controller found.
[44691178.912124] mice: PS/2 mouse device common for all mice
[44691178.912188] rtc_cmos rtc_cmos: rtc core: registered rtc_cmos as rtc0
[44691178.912233] cpuidle: using governor ladder
[44691178.912238] cpuidle: using governor menu
[44691178.912244] No iBFT detected.
[44691178.912512] TCP cubic registered
[44691178.912609] NET: Registered protocol family 10
[44691178.913241] Mobile IPv6
[44691178.913250] NET: Registered protocol family 17
[44691178.913367] registered taskstats version 1
[44691178.913385] XENBUS: Device with no driver: device/vbd/2049
[44691178.913389] XENBUS: Device with no driver: device/vif/0
[44691178.913392] XENBUS: Device with no driver: device/console/0
[44691178.913409] /build/buildd-linux-2.6_2.6.32-48squeeze1-amd64-qu4MIV/linux-2.6-2.6.32/debian/build/source_amd64_xen/drivers/rtc/hctosys.c: unable to open rtc device (rtc0)
[44691178.913444] Initalizing network drop monitor service
[44691178.913517] Freeing unused kernel memory: 604k freed
[44691178.913710] Write protecting the kernel read-only data: 4344k
Loading, please wait...
[44691178.934413] udev[56]: starting version 164
[44691178.967237] Initialising Xen virtual ethernet driver.
Begin: Loading essential drivers ... done.
Begin: Running /scripts/init-premount ... done.
Begin: Mounting root file system ... Begin: Running /scripts/local-top ... done.
Begin: Running /scripts/local-premount ... done.
[44691179.649599] EXT4-fs (xvda1): mounted filesystem with ordered data mode
Begin: Running /scripts/local-bottom ... done.
done.
Begin: Running /scripts/init-bottom ... done.
INIT: version 2.88 booting
Using makefile-style concurrent boot in runlevel S.
Starting the hotplug events dispatcher: udevd[44691185.554840] udev[153]: starting version 164
.
Synthesizing the initial hotplug events...done.
Waiting for /dev to be fully populated...[44691186.889589] input: PC Speaker as /devices/platform/pcspkr/input/input1
done.
hostname: the specified hostname is invalid
Activating swap...done.
Checking root file system...fsck from util-linux-ng 2.17.2
/dev/xvda1: clean, 74337/524288 files, 922654/2097152 blocks
done.
Loading kernel modules...done.
Cleaning up ifupdown....
Activating lvm and md swap...done.
Checking file systems...fsck from util-linux-ng 2.17.2
done.
Setting up networking....
Mounting local filesystems...done.
Activating swapfile swap...done.
Cleaning up temporary files....
Configuring network interfaces...Setting kernel variables ...done.
dhcpcd.sh: interface eth0 has been configured with new IP=10.49.6.210
done.
Cleaning up temporary files....
startpar: service(s) returned failure: hostname.sh ...
[31mfailed!
[39;49m
INIT: Entering runlevel: 2
Using makefile-style concurrent boot in runlevel 2.
resize2fs 1.41.12 (17-May-2010)
The filesystem is already 2097152 blocks long. Nothing to do!
Starting enhanced syslogd: rsyslogd.
Starting SASL Authentication Daemon: saslauthd.
Starting web server: apache2Apache/2.2.16 mod_ssl/2.2.16 (Pass Phrase Dialog)
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide the pass phrases.
Server example.com:443 (RSA)
Enter pass phrase:
如果确实如此,我该如何摆脱它?
答案1
可能导致问题的一件事是,apache 上的我的 ssl 证书需要密码,因为这是我在系统日志中能看到的最后一件事。
是的,这就是您的问题,而且由于 EC2 不提供直接控制台访问,因此没有办法解决。您需要使用无密码 SSL 密钥,或者阻止 Apache 在实例启动时自动启动(这样您就可以在启动后手动启动它)。
如果您需要获取此实例上的内容,则必须将其 EBS 卷安装到另一个实例上以恢复数据,因为该服务器不会像这样重新启动。