Hi,
Please, follow this article: https://dev.to/jeden/connecting-via-ssh-from-one-ec2-instance-to-another-2mk1 It details exactly what you're trying to achieve.
Also, you can read this article in detail as it proposes solutions to various possible issues in your config: https://phoenixnap.com/kb/ssh-permission-denied-publickey
Best,
Didier
If your EC2's are Ubuntu, make sure you use ubuntu@IP Address when using the SSH Key, as the user is different than an Amazon Linux VM.
Default user names
For AL2023, Amazon Linux 2, or the Amazon Linux AMI, the user name is ec2-user.
For a CentOS AMI, the user name is centos or ec2-user.
For a Debian AMI, the user name is admin.
For a Fedora AMI, the user name is fedora or ec2-user.
For a RHEL AMI, the user name is ec2-user or root.
For a SUSE AMI, the user name is ec2-user or root.
For an Ubuntu AMI, the user name is ubuntu.
For an Oracle AMI, the user name is ec2-user.
For a Bitnami AMI, the user name is bitnami.
I understand your intention. When setting up an EC2 instance on AWS, you have the option to either create a new key pair or use an existing one. Assuming you have already associated your key pair with your three instances at launch, you will be able to access each instance seamlessly using the same key. This assumes that you are employing the same security group with inbound rules allowing SSH (port 22) and keeping outbound rules at their default settings. Given these conditions, if you wish to connect from one VM to another, simply follow these steps:
- Log into VM-1.
- Generate a .pem file for your key pair on VM-1 (touch key-pair.pem).
- Copy the key pair value used for initial login into this file.
- Adjust the file's permissions to ensure its security by executing chmod 400 ./key-pair.pem.
- Connect to the second VM using SSH by running ssh -i ./key-pair.pem ec2-user@vm-2-private-ip.
This approach is intended for those looking to gain access to the system via a key pair, specifically for practice or testing purposes, rather than for production environments.
Step 5. No need to use public IP once you're in VM-1 as you're now inside the VPC.
permission denied (publickey gssapi-keyex gssapi-with-mic)
This message shows that an SSH connection is established, which means port 22 is open between source and target, i.e. your security groups and routing look fine.
The message also shows that SSH is trying to authenticate using key exchange, but you mention in your question that you've changed sshd_config to permit password authentication, so presumably that's the method you want to use. How did you do this?
On Amazon Linux it should be just changing PasswordAuthentication from no to yes in /etc/ssh/sshd_config on the target host and then sudo systemctl restart sshd. On RHEL (or a RHEL-like OS such as CentOS) you also need to make the same change to /etc/ssh/sshd_config.d/50-cloud-init.conf (or just comment out the PasswordAuthentication entry from that file).
See the accepted answer for this https://repost.aws/questions/QUE9_NBn5MQ5KgpjVyyy3ISA/unable-to-login-with-username-and-password-in-redhat-machine-created-in-aws
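The RHEL case in the answer above comes down to which file sshd reads first. The script below is an added example, not part of the original answer or of any AWS tooling: it reports the value sshd would use for a keyword and the file that supplies it. It assumes sshd's first-value-wins rule and one pattern per Include line; the function names and the sample layout are constructed for illustration.

```shell
#!/bin/sh
# Added example: find which file decides an sshd keyword such as PasswordAuthentication.
# Assumptions: sshd keeps the FIRST value it reads for a keyword and expands
# Include lines in place (globs in sorted order); one pattern per Include line.

# flatten FILE BASEDIR: print "file<TAB>keyword<TAB>value" in the order sshd reads them
flatten() {
    while read -r key rest || [ -n "$key" ]; do
        lkey=$(printf '%s' "$key" | tr '[:upper:]' '[:lower:]')
        case $lkey in
            ''|'#'*) continue ;;                    # blank line or comment
            match) return 0 ;;                      # the rest of this file is conditional
            include)
                case $rest in /*) pat=$rest ;; *) pat=$2/$rest ;; esac
                for inc in $pat; do                 # unquoted on purpose: expand the glob
                    if [ -f "$inc" ]; then flatten "$inc" "$2"; fi
                done ;;
            *) printf '%s\t%s\t%s\n' "$1" "$lkey" "$rest" ;;
        esac
    done < "$1"
}

# effective KEYWORD MAINCONF: print "value<TAB>deciding file"; prints nothing
# when the keyword is unset and sshd's built-in default applies
effective() {
    want=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    flatten "$2" "$(dirname "$2")" |
        awk -F '\t' -v k="$want" '$2 == k { print $3 "\t" $1; exit }'
}

# make_sample DIR: constructed RHEL-like layout, not copied from a real host
make_sample() {
    mkdir -p "$1/sshd_config.d"
    printf 'PasswordAuthentication no\n' > "$1/sshd_config.d/50-cloud-init.conf"
    printf 'Include sshd_config.d/*.conf\nPasswordAuthentication yes\n' > "$1/sshd_config"
}

demo=$(mktemp -d)
make_sample "$demo"
effective PasswordAuthentication "$demo/sshd_config"   # the drop-in's "no" wins
rm -rf "$demo"
```

On a live host, `sudo sshd -T | grep -i passwordauthentication` asks sshd itself for the effective value, which is the check to run after any change and restart.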
What OS are these?