2017-08-20 1 views
0

AWS SSH and RDS permission denied - public key

I'm trying to SSH and to connect to my RDS instance. Neither works, and both give the same error:

Permission denied (publickey).

I've set up my credentials in ~/.ssh/config:

Host clg-api-staging 
    HostName ec2-11-111-11-11.compute-1.amazonaws.com 
    User ec2-user 
    IdentityFile ~/.ssh/clg-api-staging.pem 

I've tried:

  • Changing my permissions on the pem file: chmod 600 ~/.ssh/clg-api-staging.pem

  • Changing my permissions on ~/.ssh/ to 700

  • Setting inbound rules for TCP on port 22 and MYSQL on port 3306.

This is the message I get when I try to connect through the profile:

$ ssh -v clg-api-staging 

OpenSSH_7.4p1, LibreSSL 2.5.0 
debug1: Reading configuration data /Users/danniu/.ssh/config 
debug1: /Users/danniu/.ssh/config line 26: Applying options for clg-api-staging 
debug1: Reading configuration data /etc/ssh/ssh_config 
debug1: Connecting to ec2-34-196-57-20.compute-1.amazonaws.com [34.196.57.20] port 22. 
debug1: Connection established. 
debug1: key_load_public: No such file or directory 
debug1: identity file /Users/danniu/.ssh/clg-api-staging.pem type -1 
debug1: key_load_public: No such file or directory 
debug1: identity file /Users/danniu/.ssh/clg-api-staging.pem-cert type -1 
debug1: Enabling compatibility mode for protocol 2.0 
debug1: Local version string SSH-2.0-OpenSSH_7.4 
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1 
debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000 
debug1: Authenticating to ec2-34-196-57-20.compute-1.amazonaws.com:22 as 'ec2-user' 
debug1: SSH2_MSG_KEXINIT sent 
debug1: SSH2_MSG_KEXINIT received 
debug1: kex: algorithm: [email protected] 
debug1: kex: host key algorithm: ecdsa-sha2-nistp256 
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none 
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none 
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY 
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:pATHD/i/BUstt1K3QKzJB4kNJyIQJUoFNpmpsot/5Lg 
debug1: Host 'ec2-34-196-57-20.compute-1.amazonaws.com' is known and matches the ECDSA host key. 
debug1: Found key in /Users/danniu/.ssh/known_hosts:24 
debug1: rekey after 134217728 blocks 
debug1: SSH2_MSG_NEWKEYS sent 
debug1: expecting SSH2_MSG_NEWKEYS 
debug1: SSH2_MSG_NEWKEYS received 
debug1: rekey after 134217728 blocks 
debug1: Skipping ssh-dss key /Users/danniu/.ssh/id_dsa - not in PubkeyAcceptedKeyTypes 
debug1: SSH2_MSG_SERVICE_ACCEPT received 
debug1: Authentications that can continue: publickey 
debug1: Next authentication method: publickey 
debug1: Offering RSA public key: /Users/danniu/.ssh/github_rsa 
debug1: Authentications that can continue: publickey 
debug1: Trying private key: /Users/danniu/.ssh/clg-api-staging.pem 
debug1: Authentications that can continue: publickey 
debug1: No more authentication methods to try. 
Permission denied (publickey). 

This is the message I get when trying to connect to the RDS DB via Sequel Pro:

Used command: /usr/bin/ssh -v -N -S none -o ControlMaster=no -o ExitOnForwardFailure=yes -o ConnectTimeout=10 -o NumberOfPasswordPrompts=3 -i /Users/danniu/.ssh/clg-api-staging.pem -o TCPKeepAlive=no -o ServerAliveInterval=60 -o ServerAliveCountMax=1 [email protected] -L 55318:aa1tgl9qfl015rk.cuqlyug9ccbu.us-east-1.rds.amazonaws.com:3306 

OpenSSH_7.4p1, LibreSSL 2.5.0 
debug1: Reading configuration data /Users/danniu/.ssh/config 
debug1: Reading configuration data /etc/ssh/ssh_config 
debug1: Control socket " none" does not exist 
debug1: Connecting to ec2-34-196-57-20.compute-1.amazonaws.com [34.196.57.20] port 22. 
debug1: fd 8 clearing O_NONBLOCK 
debug1: Connection established. 
debug1: key_load_public: No such file or directory 
debug1: identity file /Users/danniu/.ssh/clg-api-staging.pem type -1 
debug1: key_load_public: No such file or directory 
debug1: identity file /Users/danniu/.ssh/clg-api-staging.pem-cert type -1 
debug1: Enabling compatibility mode for protocol 2.0 
debug1: Local version string SSH-2.0-OpenSSH_7.4 
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1 
debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000 
debug1: Authenticating to ec2-34-196-57-20.compute-1.amazonaws.com:22 as 'ec2-user' 
debug1: SSH2_MSG_KEXINIT sent 
debug1: SSH2_MSG_KEXINIT received 
debug1: kex: algorithm: [email protected] 
debug1: kex: host key algorithm: ecdsa-sha2-nistp256 
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none 
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none 
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY 
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:pATHD/i/BUstt1K3QKzJB4kNJyIQJUoFNpmpsot/5Lg 
debug1: read_passphrase: can't open /dev/tty: Device not configured 
debug1: permanently_drop_suid: 501 
Warning: Permanently added 'ec2-34-196-57-20.compute-1.amazonaws.com,34.196.57.20' (ECDSA) to the list of known hosts. 
debug1: rekey after 134217728 blocks 
debug1: SSH2_MSG_NEWKEYS sent 
debug1: expecting SSH2_MSG_NEWKEYS 
debug1: SSH2_MSG_NEWKEYS received 
debug1: rekey after 134217728 blocks 
debug1: Skipping ssh-dss key /Users/danniu/.ssh/id_dsa - not in PubkeyAcceptedKeyTypes 
debug1: SSH2_MSG_SERVICE_ACCEPT received 
debug1: Authentications that can continue: publickey 
debug1: Next authentication method: publickey 
debug1: Offering RSA public key: /Users/danniu/.ssh/github_rsa 
debug1: Authentications that can continue: publickey 
debug1: Trying private key: /Users/danniu/.ssh/clg-api-staging.pem 
debug1: Authentications that can continue: publickey 
debug1: No more authentication methods to try. 
Permission denied (publickey). 
+0

See if this link helps: https://medium.com/@michalisantoniou6/connect-to-an-aws-rds-using-an-ssh-tunnel-22f3bd597924 – helloV

+0

The key is rejected by the server. Without the server logs, it is impossible to guess the reason. – Jakuje

+0

You need to set up a MySQL connection over SSH. I do this using a restricted-access instance inside the same VPC as the RDS, for security reasons. Once you have that established, you can use mysql from the terminal, or you can set up a GUI (such as MySQL Workbench if you are using Linux locally) if you wish. – Theyna
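
Added example (not part of the original thread): the client trace in the question already records which keys were offered and that the server refused each of them, which is what the comment about the rejected key refers to. This Python sketch pulls those facts out of `ssh -v` output; the sample is abridged from the trace above, and the function names and diagnosis strings are assumptions made for this illustration.

```python
import re

# Constructed sample: abridged from the client trace posted in the question.
SAMPLE_TRACE = """\
debug1: Authenticating to ec2-34-196-57-20.compute-1.amazonaws.com:22 as 'ec2-user'
debug1: Skipping ssh-dss key /Users/danniu/.ssh/id_dsa - not in PubkeyAcceptedKeyTypes
debug1: Authentications that can continue: publickey
debug1: Offering RSA public key: /Users/danniu/.ssh/github_rsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: /Users/danniu/.ssh/clg-api-staging.pem
debug1: Authentications that can continue: publickey
Permission denied (publickey).
"""

TARGET = re.compile(r"Authenticating to (\S+):(\d+) as '([^']*)'")
SKIPPED = re.compile(r"Skipping \S+ key (\S+) - (.+)")
# Matches both "Offering RSA public key: <path>" and "Trying private key: <path>".
OFFERED = re.compile(r"(?:Offering .*?public key|Trying private key): (\S+)")
DENIED = re.compile(r"^Permission denied \(([^)]*)\)")

def summarize(trace):
    """Extract the authentication facts from an `ssh -v` client trace."""
    s = {"host": None, "user": None, "skipped": [], "offered": [],
         "accepted": False, "denied_methods": None}
    for line in (raw.strip() for raw in trace.splitlines()):
        if m := TARGET.search(line):
            s["host"], s["user"] = m.group(1), m.group(3)
        elif m := SKIPPED.search(line):
            s["skipped"].append((m.group(1), m.group(2)))
        elif m := OFFERED.search(line):
            s["offered"].append(m.group(1))
        elif "Server accepts key" in line:
            s["accepted"] = True
        elif m := DENIED.search(line):
            s["denied_methods"] = m.group(1).split(",")
    return s

def diagnose(s):
    """Turn the summary into the next thing to check (wording is illustrative)."""
    if s["denied_methods"] is None:
        return "no denial in trace"
    if not s["offered"]:
        return "client offered no key: check IdentityFile path and permissions"
    if not s["accepted"]:
        return (f"server refused all {len(s['offered'])} keys for user "
                f"{s['user']!r}: check the user name and authorized_keys on the host")
    return "a key was accepted but login still failed: read the server's sshd log"

if __name__ == "__main__":
    print(diagnose(summarize(SAMPLE_TRACE)))
```

Run against a full trace by passing the captured stderr of `ssh -v <host>` to `summarize()`.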

Answers

0

You cannot access the AWS RDS instance directly via SSH. You can access it through the MySQL client.

  1. Install: apt-get install mysql-server -y
  2. Run: mysql -h clg-api-staging -P 3306 -p
0

If you are trying to connect to RDS using SSH, that is never going to work. RDS is a database service that only allows SQL connections, not direct SSH or any other kind of administrator access.