我的一个 ec2 实例“patched-server-1”运行的内核版本是 4.18.0-240.1.1.el8_3.x86_64,然后我修补了该服务器,当前内核版本是 4.18.0-425.19.2.el8_7.x86_64,我可以 ssh 到该服务器,然后我从“patched -server-1”创建了一个 AMI 并启动了新的 ec2 实例“patched-server-2”,但我无法 ssh 到它。它给出连接被拒绝的错误。
原因:/etc/ssh 下缺少以下文件。当我使用升级内核的映像创建 ec2 实例时缺少这些文件,导致 sshd 服务启动失败,如果我仅从旧内核创建实例,则不会出现问题。
MISSSING FILES
==============
-rw-r--r-- 1 root root 82 May 2 17:30 ssh_host_ed25519_key.pub
-rw-r----- 1 root ssh_keys 387 May 2 17:30 ssh_host_ed25519_key
-rw-r--r-- 1 root root 162 May 2 17:30 ssh_host_ecdsa_key.pub
-rw-r----- 1 root ssh_keys 492 May 2 17:30 ssh_host_ecdsa_key
-rw-r--r-- 1 root root 554 May 2 17:30 ssh_host_rsa_key.pub
-rw-r----- 1 root ssh_keys 2578 May 2 17:30 ssh_host_rsa_key
ERROR
======
OpenSSH_9.0p1, LibreSSL 3.3.6
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: include /etc/ssh/ssh_config.d/* matched no files
debug1: /etc/ssh/ssh_config line 54: Applying options for *
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/Users/sharaddubey/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/Users/sharaddubey/.ssh/known_hosts2'
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
debug1: Connecting to ec2-3-6-40-188.ap-south-1.compute.amazonaws.com port 22.
ssh: connect to host ec2-3-6-40-188.ap-south-1.compute.amazonaws.com port 22: Connection refused