gpt4 book ai didi

amazon-web-services - 将 key 对导入 Amazon AWS - 指纹错误?

转载 作者:行者123 更新时间:2023-12-04 10:39:22 26 4
gpt4 key购买 nike

我正在尝试从我的计算机导入现有的 key 对以在 EC2 中使用。但是一旦我点击“是,导入”,亚马逊显示的指纹与 ssh -lf 显示的指纹不匹配。对于同一个键。我已经验证它们是相同的 key ,尝试重新导入 key 等。通常的做法似乎是使用“创建 key 对”部分,但我更喜欢使用我常用的 SSH key 对。我也无法使用 SSH 登录到设置为使用此 key 对的实例(我得到 Permission denied (publickey).)。

有没有人在 AWS 上遇到过这样的问题?对问题可能是什么有任何见解?

最佳答案

好像有an answer in the AWS forums对于指纹差异。我将内容粘贴在这里供后代使用:

Hello,

I discussed with my colleagues and looks like it is a limitation from our end to provide keypair in different format. You'll notice the different lengths of the Amazon-generated Key Pair and the Import Key Pair. In the case of an Amazon-generated Key Pair, the Fingerprint is for the Private Key, while if you use Import Key Pair the fingerprint is for your public key. Amazon does not retain a copy of the generated Private Key, but the EC2 command line tools do provide a way to reproduce the SSH2 MD5 fingerprint:

ec2-fingerprint-key ./testpair1-private.pem 61:26:cc:7d:2a:2c:a4:e9:fb:86:ca:ef:57:d6:68:f8:24:bc:59:cd

This should match what you see in the console for the region in which you created the key, such as US-West-1 (North California). Unfortunately the ec2-fingerprint-key command-line tool does not fingerprint public keys. If you import the public key in another region such as US-East-1, the web AWS Console will only display the fingerprint of the public key.

Secondly, the AWS Console should be more clear on exactly what type of fingerprint it displays, which is the "MD5 public key fingerprint as specified in section 4 of RFC4716" (also known as SSH2 format) as mentioned here:

http://docs.amazonwebservices.com/AWSEC2/latest/CommandLineReference/ApiReference-cmd-ImportKeyPair.html

We have already put in a feature request for the web-based AWS Console to support the more common OpenSSH format. Unfortunately I was not able to find any user-friendly tools to generate the SSH2/RFC4716 format fingerprint, though I did find that you can import the same public key in your original region (with a name such as "Test2") and match the shown fingerprint between regions.



(强调我的)

正如他所提到的,我也找不到任何工具来生成 SSH2/RFC4716 格式指纹。这至少解决了指纹不匹配的谜团(至少如果我们假设 ssh-keygen -lf 以“更常见的 OpenSSH 格式”给出输出,如果这个假设错误,请纠正我);我仍然收到 Permission denied (publickey)当我尝试 ssh 时,但我会假设它现在不是实际的 key 不匹配并探索其他途径。

关于amazon-web-services - 将 key 对导入 Amazon AWS - 指纹错误?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/19251562/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com