嗨,我有来自服务器A,B的3个ubuntu EC2实例,我需要SSH到服务器C。我已经在服务器A,B中完成了以下步骤。

1) Created a ssh key for the username - jenkins

从服务器A复制了比服务器B的公钥,并将其添加到服务器c的
2) vi ~/.ssh/authorized_keys

如下所示更改了〜/ .ssh和authorized_key文件的文件夹访问权限
3) chmod 600 ~/.ssh/
   chmod 700 ~/.ssh/authorized_keys

现在从服务器A运行ssh命令,如下所示,它以ubuntu用户身份登录到服务器C。
4) ssh -i privatekey ubuntu@12.12.12.12

当我从服务器B执行相同的操作时,出现以下错误
5) ssh -i privatekey ubuntu@12.12.12.12

错误
 Warning: Identity file -i not accessible: No such file or directory.
 ssh: Could not resolve hostname /var/lib/jenkins/secrets/mykey: Name or service not known
 jenkins@ip-11-11-11-99:/home/ubuntu# ssh -v -i /var/lib/jenkins/secrets/mykey ubuntu@12.12.12.12
 OpenSSH_7.2p2 Ubuntu-4ubuntu2.4, OpenSSL 1.0.2g  1 Mar 2016
 debug1: Reading configuration data /etc/ssh/ssh_config
 debug1: /etc/ssh/ssh_config line 19: Applying options for *
 debug1: Connecting to 12.12.12.12 [12.12.12.12] port 22.
 debug1: Connection established.
 debug1: permanently_set_uid: 0/0
 debug1: identity file /var/lib/jenkins/secrets/mykey type 1
 debug1: key_load_public: No such file or directory
 debug1: identity file /var/lib/jenkins/secrets/mykey-cert type -1
 debug1: Enabling compatibility mode for protocol 2.0
 debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.4
 debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2p2 Ubuntu-4ubuntu2.4
 debug1: match: OpenSSH_7.2p2 Ubuntu-4ubuntu2.4 pat OpenSSH* compat 0x04000000
 debug1: Authenticating to 12.12.12.12:22 as 'ubuntu'
 debug1: SSH2_MSG_KEXINIT sent
 debug1: SSH2_MSG_KEXINIT received
 debug1: kex: algorithm: curve25519-sha256@libssh.org
 debug1: kex: host key algorithm: ecdsa-sha2-nistp256
 debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
 debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
 debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
 debug1: Server host key: ecdsa-sha2-nistp256 SHA256:28Mc4WE3B22oZ2ClomLspX5gQtwmzdNg82XEHgpI+vE
 debug1: Host '12.12.12.12' is known and matches the ECDSA host key.
 debug1: Found key in /root/.ssh/known_hosts:3
 debug1: rekey after 134217728 blocks
 debug1: SSH2_MSG_NEWKEYS sent
 debug1: expecting SSH2_MSG_NEWKEYS
 debug1: rekey after 134217728 blocks
 debug1: SSH2_MSG_NEWKEYS received
 debug1: SSH2_MSG_EXT_INFO received
 debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
 debug1: SSH2_MSG_SERVICE_ACCEPT received
 debug1: Authentications that can continue: publickey
 debug1: Next authentication method: publickey
 debug1: Offering RSA public key: /var/lib/jenkins/secrets/mykey
 debug1: Authentications that can continue: publickey
 debug1: No more authentication methods to try.
 Permission denied (publickey).

但是,当我从服务器B运行SSH以root身份登录时,它以root身份登录
6) ssh -i privatekey root@12.12.12.12

我对服务器B中缺少的内容感到困惑。为什么它忽略以Ubuntu身份登录但却可以正常工作。如果访问权限问题意味着服务器A的工作方式。

有人请提前帮助。

最佳答案

嗨,我怀疑在服务器C中,当您添加服务器B的公钥时,您可能仅已添加到root用户的authorized_keys文件中。确认。 ssh进入服务器C并以Ubuntu用户身份登录,然后使用以下命令运行以检查authorized_keys文件。

 vi ~/.ssh/authorized_keys

我确定您没有在此文件中添加服务器B的公钥。您已将其添加到root用户的authorized_keys中。如果为空或仅存在默认密钥,请添加服务器b公共(public)密钥,然后重试。让我们知道它是否有效。

关于ubuntu - 可以以root用户身份而不是以ubuntu用户身份SSH进入EC2 ubuntu服务器,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/51160818/

10-14 15:59
查看更多