文章目录
小结
Xshell远程登录AWS EC2 Linux实例碰到些问题,进行解决并记录。
问题
在AWS中创建 EC2 Linux实例,生成的非对称密钥对,使用Xshell远程登录碰到一些问题。
解决
首先在Putty中可以使用的ppk密钥文件在Xshell中是使用不了的,需要使用PUTTYGEN.EXE进行导出为Open SSH的密钥,导出密钥后使用Xshell进行登录。这里注意,完程主机是存放的公钥,本地主机存放的是私钥,用来登录远程主机。
碰到的第一个问题:选择公钥后,反复弹出同样的SSH User Authentication界面,这里我碰到的问题是登录的用户名写错了,区别大小写,例如administrator,写成了Administrator,改好后就可以登录了。
碰到的第二个问题是从Linux机器登录失败。
创建了/root/.ssh/id_rsa文件,并的是先前PUTTYGEN.EXE生成的Open SSH的密(私)钥写入,内容类似如下:
shell
[root@Master ]# cat /root/.ssh/id_rsa
-----BEGIN RSA PRIVATE KEY-----
xxxxxxxxxxxxxxxxxxxxxxx
yyyyyyyyyyyyyyyyyyyyyy
..........
-----END RSA PRIVATE KEY-----
[root@Master ]# 进行登录,报以下错:
shell
[root@Master ]# ssh -vvv administrator@1.2.3.4
...
debug1: Trying private key: /root/.ssh/id_rsa
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/root/.ssh/id_rsa' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "/root/.ssh/id_rsa": bad permissions
debug1: Trying private key: /root/.ssh/id_dsa
debug3: no such identity: /root/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /root/.ssh/id_ecdsa
debug3: no such identity: /root/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /root/.ssh/id_ed25519
debug3: no such identity: /root/.ssh/id_ed25519: No such file or directory
debug1: Trying private key: /root/.ssh/id_xmss
debug3: no such identity: /root/.ssh/id_xmss: No such file or directory
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
administrator@1.2.3.4: Permission denied (publickey).进行以下修改权限操作解决问题:
shell
[root@Master ]# chmod 700 /root/.ssh/id_rsa参考
Alibaba Cloud: Putty PPK file to Xshell key file for use
CSDN: Putty的ppk文件转成Xshell使用的key文件
Access EC2 instance using Putty
How To Configure SSH Key-Based Authentication on a Linux Server
AWS User Guide for Linux Instances - Create key pairs