AWS SSH and RDS permission denied - publickey
I'm trying to SSH and connect to my RDS instance. Neither works, and both give the same error:
Permission denied (publickey).
I set up my credentials in ~/.ssh/config:
Host clg-api-staging
HostName ec2-11-111-11-11.compute-1.amazonaws.com
User ec2-user
IdentityFile ~/.ssh/clg-api-staging.pem
I have tried:
- Changing my permissions on the pem file: chmod 600 ~/.ssh/clg-api-staging.pem
- Changing my permissions on ~/.ssh/ to 700
- Setting inbound rules for TCP on port 22 and MYSQL on port 3306
This is the message when I try to connect through the profile:
$ ssh -v clg-api-staging
OpenSSH_7.4p1, LibreSSL 2.5.0
debug1: Reading configuration data /Users/danniu/.ssh/config
debug1: /Users/danniu/.ssh/config line 26: Applying options for clg-api-staging
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to ec2-34-196-57-20.compute-1.amazonaws.com [34.196.57.20] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /Users/danniu/.ssh/clg-api-staging.pem type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/danniu/.ssh/clg-api-staging.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1
debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000
debug1: Authenticating to ec2-34-196-57-20.compute-1.amazonaws.com:22 as 'ec2-user'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: [email protected]
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:pATHD/i/BUstt1K3QKzJB4kNJyIQJUoFNpmpsot/5Lg
debug1: Host 'ec2-34-196-57-20.compute-1.amazonaws.com' is known and matches the ECDSA host key.
debug1: Found key in /Users/danniu/.ssh/known_hosts:24
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: Skipping ssh-dss key /Users/danniu/.ssh/id_dsa - not in PubkeyAcceptedKeyTypes
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/danniu/.ssh/github_rsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: /Users/danniu/.ssh/clg-api-staging.pem
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
This is the message when trying to connect to the RDS DB via Sequel Pro:
Used command: /usr/bin/ssh -v -N -S none -o ControlMaster=no -o ExitOnForwardFailure=yes -o ConnectTimeout=10 -o NumberOfPasswordPrompts=3 -i /Users/danniu/.ssh/clg-api-staging.pem -o TCPKeepAlive=no -o ServerAliveInterval=60 -o ServerAliveCountMax=1 [email protected] -L 55318:aa1tgl9qfl015rk.cuqlyug9ccbu.us-east-1.rds.amazonaws.com:3306
OpenSSH_7.4p1, LibreSSL 2.5.0
debug1: Reading configuration data /Users/danniu/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Control socket " none" does not exist
debug1: Connecting to ec2-34-196-57-20.compute-1.amazonaws.com [34.196.57.20] port 22.
debug1: fd 8 clearing O_NONBLOCK
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /Users/danniu/.ssh/clg-api-staging.pem type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/danniu/.ssh/clg-api-staging.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1
debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000
debug1: Authenticating to ec2-34-196-57-20.compute-1.amazonaws.com:22 as 'ec2-user'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: [email protected]
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:pATHD/i/BUstt1K3QKzJB4kNJyIQJUoFNpmpsot/5Lg
debug1: read_passphrase: can't open /dev/tty: Device not configured
debug1: permanently_drop_suid: 501
Warning: Permanently added 'ec2-34-196-57-20.compute-1.amazonaws.com,34.196.57.20' (ECDSA) to the list of known hosts.
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: Skipping ssh-dss key /Users/danniu/.ssh/id_dsa - not in PubkeyAcceptedKeyTypes
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/danniu/.ssh/github_rsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: /Users/danniu/.ssh/clg-api-staging.pem
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
See if this link helps: https://medium.com/@michalisantoniou6/connect-to-an-aws-rds-using-an-ssh-tunnel-22f3bd597924 – helloV
The key is rejected by the server. Without the server logs, it is impossible to guess the reason. – Jakuje
You need to set up a MySQL connection over SSH. I do this using a restricted-access instance inside the same VPC as the RDS for security reasons. Once you have established that, you can use mysql from the terminal or you can set up a GUI (like MySQL Workbench if you are using Linux locally) if you wish. – Theyna
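An added example, not part of the original question or comments: a small parser that summarizes what the client side of an `ssh -v` trace shows about the authentication phase (target, keys skipped, keys offered in order, outcome). The function name `summarize_auth` and the sample are constructed here from the log lines above, and the patterns assume the OpenSSH 7.4 client message format shown on this page.

```python
import re

# Constructed sample: authentication-phase lines copied from the trace above.
SAMPLE = """\
debug1: Authenticating to ec2-34-196-57-20.compute-1.amazonaws.com:22 as 'ec2-user'
debug1: Skipping ssh-dss key /Users/danniu/.ssh/id_dsa - not in PubkeyAcceptedKeyTypes
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/danniu/.ssh/github_rsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: /Users/danniu/.ssh/clg-api-staging.pem
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
"""

# (event kind, pattern) pairs; the first matching pattern wins for each line.
PATTERNS = [
    ("target", re.compile(r"Authenticating to (\S+):(\d+) as '([^']+)'")),
    ("skipped", re.compile(r"Skipping \S+ key (\S+) - (.+)")),
    ("offered", re.compile(r"Offering \S+ public key: (\S+)")),
    ("offered", re.compile(r"Trying private key: (\S+)")),
    ("accepted", re.compile(r"Server accepts key|Authentication succeeded")),
    ("denied", re.compile(r"Permission denied \(([^)]*)\)")),
]

def summarize_auth(log_text):
    """Summarize the user-authentication phase of `ssh -v` client output."""
    summary = {"host": None, "user": None, "skipped": [], "offered": [],
               "result": "unknown"}
    for line in log_text.splitlines():
        for kind, rx in PATTERNS:
            m = rx.search(line)
            if not m:
                continue
            if kind == "target":
                summary["host"], summary["user"] = m.group(1), m.group(3)
            elif kind == "skipped":
                summary["skipped"].append((m.group(1), m.group(2)))
            elif kind == "offered":
                summary["offered"].append(m.group(1))
            else:  # "accepted" or "denied"
                summary["result"] = kind
            break
    return summary

if __name__ == "__main__":
    for field, value in summarize_auth(SAMPLE).items():
        print(f"{field}: {value}")
```

For this trace the summary shows both github_rsa and clg-api-staging.pem were presented to the server as ec2-user and neither was accepted, which is as far as client-side output goes; the reason for the rejection is only visible in the server's logs.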