问题描述
我已经创建了自己的EBS的AMI,与其他AWS账户共享它,推出新的实例在此基础上的图像与新密钥对,现在当我试图连接到这个新的实例我得到错误:服务器拒绝我们的关键。
I have created my own EBS AMI, shared it with another AWS account, launched NEW instance based on this image with NEW key-pair and now when I am trying to connect to this new instance I am getting error: "Server Refused our key".
这是我做过什么(一步一步):
This is what I did (step by step):
- 在我的个人账户配置的新的CentOS 6.3的服务器(与我个人的密钥对)
- 在该服务器的创建EBS AMI图像
- 在共享这一形象与我的客户的帐户
- 在我的客户推出新的实例帐户在此基础上共享图像+新的密钥对
- 新推出的情况下不想要采取新的密钥对。经过一些测试,我估计,它接受我的个人密钥对来代替。
如何使从我的形象的新实例,接受新的密钥对?我甚至尝试去除原始图像的.ssh / authorized_keys的文件,推出基于这一形象的新实例,无需公钥和仍然没有成功。
How do I make new instance from my image to accept new key-pairs?I even tried removing ".ssh/authorized_keys" file in original image, launch new instance based on this image without public key and still no success.
请指教如何创建,不会被连接到旧密钥对图像
Please advise how to create images that would not be attached to old key-pairs
推荐答案
我有一个类似的问题与错误信息,并在这里是我如何固定它。希望这可以帮助你,或者别人谁是卡住并找到自己的方式在这里:
I had a similar problem with that error message and here is how I fixed it. Hope this helps you, or someone else who is stuck and finds their way here:
- 在AWS控制台确保您的实例是健康的,运行
- 检查你使用了正确的公共DNS地址,上市当你点击一个实例
- 选择安全组从左侧,点击安全组要使用
- 单击入站标签
- 从创建一个新的规则:对话框选择SSH
- 在源把你的IP地址和CIDR值。如果它只是你没有网络上的NAT只使用32作为您的CIDR(例如:。。?/ 32???)
- 点击添加规则
- 单击应用规则更改
- 右键单击您的实例并选择创建映像(EBS AMI)
- 在给它的图片名称在创建图像向导,然后单击创建
- 在很短的时间中选择AMI的从AWS控制台 左侧导航栏
- 右键单击新的AMI,然后单击启动实例
- 在请求实例向导点击继续,直到你必须创建密钥对
- 选择一个密钥对,并利用它记(注:如果你还没有仍然得到了您的.pem文件这个密钥对,你需要生成从左侧导航栏选择密钥对一个新的,创建密钥对等方式取得.pem文件)
- 选择安全组与您的IP地址创建的规则(和32 CIDR - 无子网掩码)
- 单击继续,并在接下来的屏幕上点击启动
- 返回到Instances视图并等待您的实例完全初始化和健康
- 开启PuttyGEN
- 从工具栏中点击转换,并导入密钥
- 导航到文件浏览器的质子交换膜键,打开
- 选择SSH-1(RSA)从参数中
- 把你的密钥对的名字在密钥评论框(只是有效的内部管理)
- 点击保存私钥保存.ppk文件放在文件系统上
- 开启腻子
- 在主机名框中输入公共DNS为您的EC2实例
- 输入端口22
- 从连接类型框中打勾SSH单选按钮
- 点击上的SSH从连接树中的左侧导航栏
- 点击上验证
- 点击浏览,在认证参数中,并打开您的.ppk文件
- 单击会话从左侧导航栏
- 在保存会话文本框中输入该连接的名称,然后单击保存(是这样的话,你就不必经过腻子连接每次设置,并且可以只需双击您保存的连接 - 对于那些不知道)
- 点击打开
- 当提示你可能会使用'EC2用户或Ubuntu的登录名(提示:使用'根',你可能会得到一个消息,告诉你什么是用户名,你应该用代替)
- 在无需输入密码,该.ppk文件将验证您的身份
- 但愿,你现在连接到EC-2实例,好走!
- In the AWS Console ensure your instance is healthy and running
- Check you have used the correct public DNS address, listed when you click on an instance
- Select Security Groups from left hand side and click on the security group you want to use
- Click the Inbound tab
- From the Create a new rule: dialog select SSH
- In source put your IP address and CIDR value. If its just you don't have a NAT on your network just use 32 as your CIDR (eg. ?.?.?.?/32)
- Click Add Rule
- Click Apply Rule Changes
- Right click on your instance and select Create Image (EBS AMI)
- Give it an Image Name in the Create Image wizard and click Create
- After a short time select AMI's from the left hand nav bar in AWS console
- Right click on the new AMI and click Launch Instance
- On the Request Instances Wizard click Continue until you have to Create Key Pair
- Choose a key pair and make note of it(NOTE: If you haven't still got your .pem file for this key pair you will need to generate a new one from selecting Key Pairs on left hand navbar, Create Key Pair etc. to obtain .pem file)
- Select security group with the rule you created for your IP address (and CIDR of 32 - no subnet mask)
- Click continue, and on the next screen click Launch
- Go back to the Instances view and wait until your Instance is fully initialized and healthy
- Open PuttyGEN
- Click Conversions from the Toolbar, and Import Key
- Navigate to your .pem key in the file browser and open it
- Select SSH-1 (RSA) from the Parameters box
- Put your key pair name in the Key comment box (just for good house keeping)
- Click Save private key and save the .ppk file somewhere on your file system
- Open Putty
- Enter the public DNS for your EC2 instance in the Host Name box
- Enter port 22
- Tick SSH radio button from the Connection Type box
- Click on SSH from the Connection tree in the left hand side nav bar
- Click on Auth
- Click Browse in the Authentication parameters box, and open your .ppk file
- Click Session from the left hand nav bar
- Enter a name for this connection in the Saved Sessions text box, and click Save (this is so you don't have to go through the putty connection set up each time, and can just double click your saved connection - for those unaware)
- Click Open
- When prompted for a login name you will probably use 'ec2-user' or 'ubuntu' (TIP: use 'root' and you will probably get a message telling you what username you should use instead!)
- No need for a password, the .ppk file will authenticate you
- Hopefully, you're now connected to the EC-2 instance and good to go!
这篇关于"服务器拒绝了我们的密钥QUOT;私人EBS AMI启动实例后的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!