尝试通过SSH进入Amazon Ec2实例-权限错误

本文翻译自：Trying to SSH into an Amazon Ec2 instance - permission error

This is probably a stupidly simple question to some :) 对某些人来说，这可能是一个愚蠢的简单问题：）

I've created a new linux instance on Amazon EC2, and as part of that downloaded the .pem file to allow me to SSH in. 我在Amazon EC2上创建了一个新的linux实例，并且作为其中一部分下载了.pem文件，以允许我进行SSH输入。

When I tried to ssh with: 当我尝试使用ssh时：

ssh -i myfile.pem <public dns>

I got: 我有：

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for 'amazonec2.pem' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: amazonec2.pem
Permission denied (publickey).

Following this post I tried to chmod +600 the pem file, but now when I ssh I just get: 在这篇文章之后，我尝试将+600 pem文件修改为chmod，但是现在当我ssh时，我得到的是：

Permission denied (publickey).

What school-boy error am I making here? 我在这里犯了什么男生错误？ The .pem file is in my home folder (in osx). .pem文件在我的主文件夹中（在osx中​​）。 It's permissions look like this: 它的权限如下所示：

-rw-------@   1 mattroberts  staff    1696 19 Nov 11:20 amazonec2.pem

#1楼

参考：https://stackoom.com/question/YNZY/尝试通过SSH进入Amazon-Ec-实例-权限错误

#2楼

The problem is having wrong mod on the file. 问题是文件上的mod错误。

Easily solved by executing - 执行即可轻松解决-

chmod 400 mykey.pem

Taken from Amazon's instructions - 取自亚马逊的指示-

Your key file must not be publicly viewable for SSH to work. 您的密钥文件必须是公开可见的，SSH才能正常工作。 Use this command if needed: chmod 400 mykey.pem 如果需要，请使用以下命令：chmod 400 mykey.pem

#3楼

ssh -i /.pem user@host-machine-IP ssh -i /.pem user @ host-machine-IP

I think it's because either you have entered wrong credentials or, you are using a public key rather than private key or, your port permissions are open for ALL to ssh. 我认为这是因为您输入了错误的凭据，或者您使用的是公钥而不是私钥，或者您的端口权限对所有人开放给ssh。 This is bad for Amazon. 这对亚马逊不利。

#4楼

Checklist: 清单：

1. Are you using the right private key .pem file? 您使用的私钥.pem文件正确吗？

2. Are its permissions set correctly? 权限设置正确吗？ (My Amazon-brand AMIs work with 644, but Red hat must be at least 600 or 400. Don't know about Ubuntu.) （我的亚马逊品牌AMI可使用644，但是Red hat必须至少为600或400。不了解Ubuntu。）

3. Are you using the right username in your ssh line? 您是否在ssh行中使用了正确的用户名？ Amazon-branded = "ec2-user", Red Hat = "root", Ubuntu = "ubuntu". 亚马逊品牌=“ ec2-user”，Red Hat =“ root”，Ubuntu =“ ubuntu”。 User can be specified as "ssh -i pem usename@hostname" OR "ssh -l username -i pem hostname" 可以将用户指定为“ ssh -i pem usename @ hostname”或“ ssh -l username -i pem hostname”

#5楼

Ok man, the only thing that worked for me was: 好的，唯一对我有用的是：

1. Change permissions of the key 更改密钥的权限

   chmod 400 mykey.pem chmod 400 mykey.pem

2. Make sure to log in using ec2-user , and the correct ec2-99... address. 确保使用ec2-user和正确的ec2-99 ...地址登录。 The ec2-99 address is at the bottom of the aws console when you're logged in and seeing your instance listed 登录并查看列出的实例时，ec2-99地址位于aws控制台的底部

   ssh -i mykey.pem ec2-user@ec2-99-99-99-99.compute-1.amazonaws.com ssh -i mykey.pem ec2-user@ec2-99-99-99-99.compute-1.amazonaws.com

#6楼

Change permission for the key file with : 使用以下命令更改密钥文件的权限：

chmod 400 key-file-name.pem

See AWS documentation for connecting to the instance: 请参阅AWS文档以连接到实例：

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EC2_GetStarted.html#EC2_ConnectToInstance_Linux http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EC2_GetStarted.html#EC2_ConnectToInstance_Linux