SSH 오류 : 권한이 거부되었습니다. 다시 시도하십시오.

Question

우분투를 처음 사용합니다. 그러므로 질문이 너무 단순하다면 나를 용서해주십시오.

아마존 ec2 인스턴스를 사용하여 우분투 서버 설정이 있습니다. SSH를 사용하여 우분투 서버에 데스크탑 (우분투 시스템이기도 함)을 연결해야합니다.

우분투 서버에 open-ssh를 설치했습니다. 내 네트워크에서 SSH를 사용하여 우분투 서버를 연결하는 모든 시스템이 필요합니다. 따라서 보안 그룹 (AWS)에서 정적 IP에 대한 SSH 포트 22를 열었습니다.

내 SSHD-CONFIG 파일은 다음과 같습니다

# Package generated configuration file 
# See the sshd_config(5) manpage for details 

# What ports, IPs and protocols we listen for 
Port 22 
# Use these options to restrict which interfaces/protocols sshd will bind to 
#ListenAddress :: 
#ListenAddress 0.0.0.0 
Protocol 2 
# HostKeys for protocol version 2 
HostKey /etc/ssh/ssh_host_rsa_key 
HostKey /etc/ssh/ssh_host_dsa_key 
HostKey /etc/ssh/ssh_host_ecdsa_key 
#Privilege Separation is turned on for security 
UsePrivilegeSeparation yes 

# Lifetime and size of ephemeral version 1 server key 
KeyRegenerationInterval 3600 
ServerKeyBits 768 

# Logging 
SyslogFacility AUTH 
LogLevel INFO 

# Authentication: 
LoginGraceTime 120 
PermitRootLogin yes 
StrictModes yes 

RSAAuthentication yes 
PubkeyAuthentication yes 
#AuthorizedKeysFile %h/.ssh/authorized_keys 

# Don't read the user's ~/.rhosts and ~/.shosts files 
IgnoreRhosts yes 
# For this to work you will also need host keys in /etc/ssh_known_hosts 
RhostsRSAAuthentication no 
# similar for protocol version 2 
HostbasedAuthentication no 
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication 
#IgnoreUserKnownHosts yes 

# To enable empty passwords, change to yes (NOT RECOMMENDED) 
PermitEmptyPasswords no 

# Change to yes to enable challenge-response passwords (beware issues with 
# some PAM modules and threads) 
ChallengeResponseAuthentication no 

# Change to no to disable tunnelled clear text passwords 
#PasswordAuthentication yes 

# Kerberos options 
#KerberosAuthentication no 
#KerberosGetAFSToken no 
#KerberosOrLocalPasswd yes 
#KerberosTicketCleanup yes 

# GSSAPI options 
#GSSAPIAuthentication no 
#GSSAPICleanupCredentials yes 

X11Forwarding yes 
X11DisplayOffset 10 
PrintMotd no 
PrintLastLog yes 
TCPKeepAlive yes 
#UseLogin no 

#MaxStartups 10:30:60 
#Banner /etc/issue.net 

# Allow client to pass locale environment variables 
AcceptEnv LANG LC_* 

Subsystem sftp /usr/lib/openssh/sftp-server 

# Set this to 'yes' to enable PAM authentication, account processing, 
# and session processing. If this is enabled, PAM authentication will 
# be allowed through the ChallengeResponseAuthentication and 
# PasswordAuthentication. Depending on your PAM configuration, 
# PAM authentication via ChallengeResponseAuthentication may bypass 
# the setting of "PermitRootLogin without-password". 
# If you just want the PAM account and session checks to run without 
# PAM authentication, then enable this but set PasswordAuthentication 
# and ChallengeResponseAuthentication to 'no'. 
UsePAM yes 

지금은 내 터미널에서 우분투 서버에 접속을 시도 할 때,

ssh ubuntu@SERVER_IP 

나는 다음과 같은 오류 있어요 :

Permission denied, please try again. 

을 일부 연구에서 나는 서버의 인증 로그를 모니터링해야한다는 것을 깨달았습니다. 나는이 사용하는 디버깅하려고 할 때 내 인증 로그 (/var/log/auth.log)

Jul 2 09:38:07 ip-192-xx-xx-xxx sshd[3037]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=MY_CLIENT_IP user=ubuntu 
Jul 2 09:38:09 ip-192-xx-xx-xxx sshd[3037]: Failed password for ubuntu from MY_CLIENT_IP port 39116 ssh2 

을 다음과 같은 오류가 발생했습니다 : SERVER_IP @ SSH -v 우분투를

OpenSSH_5.9p1 Debian-5ubuntu1, OpenSSL 1.0.1 14 Mar 2012 
debug1: Reading configuration data /etc/ssh/ssh_config 
debug1: /etc/ssh/ssh_config line 19: Applying options for * 
debug1: Connecting to SERVER_IP [SERVER_IP] port 22. 
debug1: Connection established. 
debug1: identity file {MY-WORKSPACE}/.ssh/id_rsa type 1 
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048 
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048 
debug1: identity file {MY-WORKSPACE}/.ssh/id_rsa-cert type -1 
debug1: identity file {MY-WORKSPACE}/.ssh/id_dsa type -1 
debug1: identity file {MY-WORKSPACE}/.ssh/id_dsa-cert type -1 
debug1: identity file {MY-WORKSPACE}/.ssh/id_ecdsa type -1 
debug1: identity file {MY-WORKSPACE}/.ssh/id_ecdsa-cert type -1 
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8p1 Debian-7ubuntu1 
debug1: match: OpenSSH_5.8p1 Debian-7ubuntu1 pat OpenSSH* 
debug1: Enabling compatibility mode for protocol 2.0 
debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1 
debug1: SSH2_MSG_KEXINIT sent 
debug1: SSH2_MSG_KEXINIT received 
debug1: kex: server->client aes128-ctr hmac-md5 none 
debug1: kex: client->server aes128-ctr hmac-md5 none 
debug1: sending SSH2_MSG_KEX_ECDH_INIT 
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY 
debug1: Server host key: ECDSA {SERVER_HOST_KEY} 
debug1: Host 'SERVER_IP' is known and matches the ECDSA host key. 
debug1: Found key in {MY-WORKSPACE}/.ssh/known_hosts:1 
debug1: ssh_ecdsa_verify: signature correct 
debug1: SSH2_MSG_NEWKEYS sent 
debug1: expecting SSH2_MSG_NEWKEYS 
debug1: SSH2_MSG_NEWKEYS received 
debug1: Roaming not allowed by server 
debug1: SSH2_MSG_SERVICE_REQUEST sent 
debug1: SSH2_MSG_SERVICE_ACCEPT received 
debug1: Authentications that can continue: password 
debug1: Next authentication method: password 
ubuntu@SERVER_IP's password: 
debug1: Authentications that can continue: password 
Permission denied, please try again. 
ubuntu@SERVER_IP's password: 

수있는 사람하시기 바랍니다 문제가있는 곳을 안내하고이 문제에 대한 해결책을 제안하십시오.

감사합니다.

Answer 1

문제점이있는 부분과 해결 된 부분을 발견했습니다.

나는 새 사용자를 만들고 암호를 재설정했습니다. 우분투에서는 새 사용자를 만들 때 기본적으로 루트 사용자의 암호가 새 사용자에게 할당됩니다. 그런 다음 재설정하고 새 사용자에게 암호를 지정하십시오.

나는 RSAAuthentication, PubkeyAuthentication 및 KerberosAuthentication과 같은 모든 SSH 인증을 껐습니다. 나는 PasswordAuthentication 만 켰습니다. 이제 모든 네트워크 (내 네트워크)를 원격 서버에 연결할 수있었습니다.

감사합니다.