问题
recently I set up a new EC2 instance. The next day I was not able to connect to my instance via ssh. I could connect and disconnect the day before, I swear I did nothing. here is ssh debug info:
ssh -i webserver.pem -v ubuntu@my.elastic.ip
OpenSSH_5.9p1, OpenSSL 0.9.8r 8 Feb 2011
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: Connecting to my.elastic.ip [my.elastic.ip] port 22.
debug1: Connection established.
debug1: identity file webserver.pem type -1
debug1: identity file webserver.pem-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1.1
debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1.1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9
debug1: SSH2_MSG_KEXINIT sent
Connection closed by my.elastic.ip
Is there a way to resolve this issue? Or shall I reinstall my instance again? Please, help as I need to resolve this asap. Your help is highly appreciated!
PS rights to my .pem are set to 600.
回答1:
Check your security group. Make sure that you have an outbound rule that allows traffic to return from the instance.
With the default outbound rule
type: All traffic, Protocol: All, Ports: All, Destination: 0.0.0.0/0
it will work.
回答2:
My problem was that the username was incorrect. On ubuntu instances it should be "ubuntu" and on amazon instances it should be "ec2-user".
回答3:
Often times, you should use the default user name for the AMI that you used to launch your instance:
- For Amazon Linux 2 or the Amazon Linux AMI, the user name is
ec2-user. - For a CentOS AMI, the user name is centos.
- For a Debian AMI, the user name is admin or root.
- For a Fedora AMI, the user name is ec2-user or fedora.
- For a RHEL AMI, the user name is ec2-user or root.
- For a SUSE AMI, the user name is ec2-user or root.
For an Ubuntu AMI, the user name is ubuntu.
Otherwise, if ec2-user and root don't work, check with the AMI provider.
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/connection-prereqs.html#connection-prereqs-get-info-about-instance
回答4:
(1) Please check when you execute the ssh command, are you in the same folder where you put your pem key. Else you should use "ssh -i /your_key_path /mykey.pem".
(2) If that doesn't help. I think you could create another key and set your EC2 instance through AWS webpage. Then try again.
回答5:
I had this problem and it turned out the PEM file was incorrect. You can check following the instructions in Amazon EC2 Key Pairs - Verifying Your Key Pair's Fingerprint:
If you created your key pair using AWS, you can use the OpenSSL tools to generate a fingerprint from the private key file:
$ openssl pkcs8 -in path_to_private_key -inform PEM -outform DER -topk8 -nocrypt | openssl sha1 -cIf you created your key pair using a third-party tool and uploaded the public key to AWS, you can use the OpenSSL tools to generate a fingerprint from the private key file on your local machine:
$ openssl rsa -in path_to_private_key -pubout -outform DER | openssl md5 -cThe output should match the fingerprint that's displayed in the console.
回答6:
I had the same issue, Its the problem of the permissions you give to pem private key file. Make sure you run ssh command in the terminal with the sudo (Administrative) Access.
来源:https://stackoverflow.com/questions/16992848/aws-ec2-connection-closed-by-when-trying-ssh-into-instance