我创建了一个 EC2 实例并停止它,再次启动它。
出现以下错误
Aloks-MacBook-Pro:AWS alokmandloi$ ssh -i working_key.pem [email protected]
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
3d:f2:79:cc:38:66:83:71:1b:86:6c:7e:36:ad:27:bc.
Please contact your system administrator.
Add correct host key in /Users/alokmandloi/.ssh/known_hosts to get rid of this message.
Offending RSA key in /Users/alokmandloi/.ssh/known_hosts:11
RSA host key for ec2-184-73-22-113.compute-1.amazonaws.com has changed and you have requested strict checking.
Host key verification failed.
我查找解决方案并发现http://www.thegeekstuff.com/2010/04/how-to-fix-offending-key-in-sshknown_hosts-file/
这建议我删除known_hosts中的第11个条目。 这样做之后,我收到以下错误
Aloks-MacBook-Pro:AWS alokmandloi$ ssh -v -i working_key.pem [email protected]
OpenSSH_5.9p1, OpenSSL 0.9.8r 8 Feb 2011
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: Connecting to ec2-184-73-22-113.compute-1.amazonaws.com [184.73.22.113] port 22.
debug1: Connection established.
debug1: identity file working_key.pem type -1
debug1: identity file working_key.pem-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 3d:f2:79:cc:38:66:83:71:1b:86:6c:7e:36:ad:27:bc
debug1: Host 'ec2-184-73-22-113.compute-1.amazonaws.com' is known and matches the RSA host key.
debug1: Found key in /Users/alokmandloi/.ssh/known_hosts:10
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: working_key.pem
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
答案1
您输入的密钥错误,或者实例的地址错误(实例拒绝了您的密钥)。
答案2
如果您停止并启动实例,您的公共 IP 和主机名会发生变化。即使您使用的是 ElasticIP,‘停止’它也会取消 EIP 的关联。
请检查您的 AWS 控制台并查看新的公共 IP/主机名,您可能正在尝试连接到旧的 DNS 名称,该名称现在可能已分配给其他人的实例。
答案3
这是更好的,因为更多的失败证明删除有问题的主机密钥
ssh-keygen -R hostname
你的情况
ssh-keygen -R ec2-184-73-22-113.compute-1.amazonaws.com
如果你确定你的密钥是正确的,你也可以在.ssh/authorized_keys具有正确权限的服务器上进行验证(700for .ssh/,600for .ssh/authorized_keys)
答案4
当您停止正在运行的实例时,会发生以下情况:
实例执行正常关闭并停止运行;其状态变为正在停止,然后停止。
任何 Amazon EBS 卷都会保持附加到实例,并且其数据也会保留下来。
主机 RAM 或主机实例存储卷中存储的所有数据都将消失。
EC2-Classic:当您停止实例时,我们会释放该实例的公有和私有 IP 地址,并在您重新启动实例时分配新的 IP 地址。
EC2-VPC:实例在停止和重新启动时会保留其私有 IP 地址。当您重新启动时,我们会释放公有 IP 地址并分配一个新 IP 地址。
您的实例一定有新的公网 IP。请检查并尝试使用新 IP 登录您的服务器。