Cannot log in to host with OpenSSH 7.7, but it works with 7.2

I am trying to connect to an EC2 instance using a PEM file.

The connection works fine from my colleague's PC, but I cannot get it to work from mine.

EDIT: added the output of the ssh connection

Mine:

$ ssh -i <path-to-pem-file> -v <user>@54.XXX.XXX.XXX
> OpenSSH_7.7p1, OpenSSL 1.1.0h  27 Mar 2018
> debug1: Reading configuration data [omitted]
> debug1: [omitted] line 6: Applying options for bastion-br
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Connecting to 54.XXX.XXX.XXX [54.XXX.XXX.XXX] port XXXX.
> debug1: Connection established.
> debug1: key_load_public: No such file or directory
> debug1: identity file [omitted] type -1
> debug1: key_load_public: No such file or directory
> debug1: identity file [omitted] type -1
> debug1: Local version string SSH-2.0-OpenSSH_7.7
> debug1: Remote protocol version 2.0, remote software version OpenSSH_6.2
> debug1: match: OpenSSH_6.2 pat OpenSSH* compat 0x04000000
> debug1: Authenticating to 54.94.244.114:22 as 'ec2-user'
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug1: kex: algorithm: ecdh-sha2-nistp256
> debug1: kex: host key algorithm: ecdsa-sha2-nistp256
> debug1: kex: server->client cipher: aes128-ctr MAC: [email protected] compression: none
> debug1: kex: client->server cipher: aes128-ctr MAC: [email protected] compression: none
> debug1: sending SSH2_MSG_KEX_ECDH_INIT
> debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
> debug1: Server host key: ecdsa-sha2-nistp256 SHA256:pX0Of93seImy5DAEsQRPyLlFnehoHio53U8YuYmWexA
> debug1: Host '54.XXX.XXX.XXX' is known and matches the ECDSA host key.
> debug1: Found key in .........../known_hosts:3
> debug1: rekey after 4294967296 blocks
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: expecting SSH2_MSG_NEWKEYS
> debug1: SSH2_MSG_NEWKEYS received
> debug1: rekey after 4294967296 blocks
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug1: Authentications that can continue: publickey
> debug1: Next authentication method: publickey
> debug1: Trying private key: [omitted]
> debug1: Authentications that can continue: publickey
> debug1: No more authentication methods to try.
> [email protected]: Permission denied (publickey).

His:

OpenSSH_7.2p2 Ubuntu-4ubuntu2.4, OpenSSL 1.0.2g  1 Mar 2016
debug1: Reading configuration data [omitted]
debug1: [omitted] line 1: Applying options for old_bastion_br
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 54.XXX.XXX.XXX [54.XXX.XXX.XXX] port YYYY.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file [omitted] type -1
debug1: key_load_public: No such file or directory
debug1: identity file [omitted] type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.2
debug1: match: OpenSSH_6.2 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 54.XXX.XXX.XXX:YYYY as '[omitted]'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: ecdh-sha2-nistp256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: aes128-ctr MAC: [email protected] compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: [email protected] compression: none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:pX0Of93se...
debug1: Host '54.XXX.XXX.XXX' is known and matches the ECDSA host key.
debug1: Found key in [omitted]
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: bruno@bruno-easycarros-dell
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: Authentication succeeded (publickey).
Authenticated to 54.XXX.XXX.XXX ([54.XXX.XXX.XXX]:YYYY).
debug1: channel 0: new [client-session]
debug1: Requesting [email protected]
debug1: Entering interactive session.
debug1: pledge: network
debug1: Requesting authentication agent forwarding.
debug1: Sending environment.
debug1: Sending env LC_PAPER = pt_BR.UTF-8
debug1: Sending env LC_ADDRESS = pt_BR.UTF-8
debug1: Sending env LC_MONETARY = pt_BR.UTF-8
debug1: Sending env LC_NUMERIC = pt_BR.UTF-8
debug1: Sending env LC_TELEPHONE = pt_BR.UTF-8
debug1: Sending env LC_IDENTIFICATION = pt_BR.UTF-8
debug1: Sending env LANG = en_US.UTF-8
debug1: Sending env LC_MEASUREMENT = pt_BR.UTF-8
debug1: Sending env LC_CTYPE = pt_BR.UTF-8
debug1: Sending env LC_TIME = pt_BR.UTF-8
debug1: Sending env LC_NAME = pt_BR.UTF-8
Last login: Fri Apr 20 16:55:34 2018 from 179.XXX.XXX.XXX

Both PEM files are exactly the same file, downloaded from the same place; there is no difference in line breaks, charset or anything else.

Here are some differences I noticed:

Legend:

  • --- His configuration
  • +++ My configuration

OS

$ uname -a
--- Linux <user> 4.4.0-119-generic #143-Ubuntu SMP Mon Apr 2 16:08:24 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
+++ Linux <user> 4.16.2-1-MANJARO #1 SMP PREEMPT Thu Apr 12 17:46:07 UTC 2018 x86_64 GNU/Linux

OpenSSH version

$ ssh -V
--- OpenSSH_7.2p2 Ubuntu-4ubuntu2.4, OpenSSL 1.0.2g  1 Mar 2016
+++ OpenSSH_7.7p1, OpenSSL 1.1.0h  27 Mar 2018

Entry created in known_hosts

$ tail -n1 ~/.ssh/known_hosts
--- |1|mcQzUN92PAX...|GzyZZUknDcr... ecdsa-sha2-nistp256 AAAAE2VjZHNhL...
+++ 54.XXX.XXX.XXX ecdsa-sha2-nistp256 AAAAE2VjZHNhL...

The AAAAE2VjZHNhL... part is the same; I already checked using diff.

I don't know why on my PC it uses the plain IP of the host and on his it uses some kind of base64-encoded string, but maybe that is the problem.

Additional information about the EC2 hosts

The host I fail to connect to has the following OpenSSH version installed:

OpenSSH_6.2p2, OpenSSL 1.0.1k-fips 8 Jan 2015

My colleague can connect to the host above. I cannot.

However, there is another (newer) host that I can connect to successfully, which has the following OpenSSH version:

OpenSSH_7.2p2 Ubuntu-4ubuntu2.4, OpenSSL 1.0.2g  1 Mar 2016

Both my colleague and I can connect to this host.

I have no idea what is going on.

Henrique Barcelos
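The `|1|...|...` host field in the colleague's known_hosts line is the hashed form OpenSSH writes when `HashKnownHosts` is enabled, and the plain IP is the unhashed form of the same kind of entry. The following added example (not part of the original post; the address, salt and key blob are constructed) checks whether a hashed and a plain entry pin the same key for the same host.

```python
import base64
import hashlib
import hmac

def known_hosts_name(host, port=22):
    """Name as ssh stores it: bare for port 22, [host]:port otherwise."""
    return host if port == 22 else "[{}]:{}".format(host, port)

def hash_host(name, salt):
    """Hashed host field: |1|base64(salt)|base64(HMAC-SHA1(key=salt, msg=name))."""
    digest = hmac.new(salt, name.encode(), hashlib.sha1).digest()
    return "|1|{}|{}".format(base64.b64encode(salt).decode(),
                             base64.b64encode(digest).decode())

def parse_entry(line):
    """Split a known_hosts line into (host_field, key_type, key_blob)."""
    fields = line.split()
    if fields and fields[0].startswith("@"):  # @cert-authority / @revoked marker
        fields = fields[1:]
    if len(fields) < 3:
        raise ValueError("not a known_hosts entry")
    return fields[0], fields[1], fields[2]

def entry_matches(line, name):
    """True if the entry names `name`; wildcard patterns are not handled."""
    host_field = parse_entry(line)[0]
    if host_field.startswith("|1|"):
        try:
            _, _, salt_b64, mac_b64 = host_field.split("|")
            salt = base64.b64decode(salt_b64)
            expected = base64.b64decode(mac_b64)
        except ValueError:  # wrong field count or invalid base64
            return False
        actual = hmac.new(salt, name.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(actual, expected)
    return name in host_field.split(",")

def same_pinned_key(line_a, line_b, name):
    """True if both entries name `name` and carry the same key type and blob."""
    return (entry_matches(line_a, name) and entry_matches(line_b, name)
            and parse_entry(line_a)[1:] == parse_entry(line_b)[1:])

# Constructed sample data: documentation address, fixed salt, placeholder key blob.
HOST = "192.0.2.10"
SALT = bytes(range(20))
KEY = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTY="
HASHED_LINE = hash_host(HOST, SALT) + " " + KEY
PLAIN_LINE = HOST + " " + KEY
```

A host reached on a non-default port is stored under its `[host]:port` name, so pass the result of `known_hosts_name(host, port)` as `name` in that case.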
Show us the log from your colleague's PC.
Martin Prikryl
Do you mean the output of ssh -v?
Henrique Barcelos
Yes, that's what I mean (the equivalent of the output from your machine).
Martin Prikryl
There it is!
Henrique Barcelos
Are you sure you are using the same key file as your colleague? The log files suggest otherwise. His: "Offering RSA public key: bruno@bruno-easycarros-dell" - Yours: "Trying private key: [omitted]"
Martin Prikryl
Martin Prikryl
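To make the difference pointed out in the last comment visible side by side, the following added example (not part of the original thread) extracts the public-key authentication steps from two `ssh -v` transcripts and lists the fields that differ. The sample lines are excerpts of the two logs in the question; the function and field names are this example's own.

```python
import re

PATTERNS = {
    "version": re.compile(r"debug1: Local version string (.+)"),
    "offered": re.compile(r"debug1: Offering (?:\S+ )?public key: (.+)"),
    "tried": re.compile(r"debug1: Trying private key: (.+)"),
    "accepted": re.compile(r"debug1: Server accepts key: (.+)"),
}
NO_PUBKEY = re.compile(r"debug1: identity file .+ type -1$")

def auth_summary(log_text):
    """Collect the publickey-authentication steps from one `ssh -v` transcript."""
    out = {"version": None, "no_pubkey": 0, "offered": [], "tried": [],
           "accepted": [], "result": "unknown"}
    for raw in log_text.splitlines():
        line = raw.lstrip("> ").rstrip()  # the question quotes one log with '> '
        if NO_PUBKEY.search(line):
            out["no_pubkey"] += 1         # no public key could be loaded for this identity
        elif "Authentication succeeded" in line:
            out["result"] = "succeeded"
        elif "Permission denied" in line:
            out["result"] = "denied"
        for field, pattern in PATTERNS.items():
            match = pattern.search(line)
            if match and field == "version":
                out[field] = match.group(1)
            elif match:
                out[field].append(match.group(1))
    return out

def differing_fields(a, b):
    """Names of the summary fields whose values differ between two transcripts."""
    return sorted(k for k in a if a[k] != b[k])

# Excerpts from the two logs in the question.
MINE = """\
> debug1: identity file [omitted] type -1
> debug1: Local version string SSH-2.0-OpenSSH_7.7
> debug1: Trying private key: [omitted]
> [email protected]: Permission denied (publickey).
"""
HIS = """\
debug1: identity file [omitted] type -1
debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.4
debug1: Offering RSA public key: bruno@bruno-easycarros-dell
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: Authentication succeeded (publickey).
"""
```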