Sync files between two compute engine instances with internal IPs - google-cloud-platform

I'm working on a GCP project in which I have numerous small files on instance-A and I need to transfer them to instance-B. The transfer is working fine over rsync with the external IP, but it is not working when I try to use the internal IP.
How can I sync files between my 2 instances with internal IPs?
Help me, please!
Thanks in Advance!

You need to check if you are unable to access via ssh from "instance-A" to instance-B using the internal IP of "instance-B" because of a "Permission denied (publickey)" error.
From instance A, run:
ssh [user]@[internal IP of instance B]
If this is the case, you can generate new keys with ssh-keygen:
ssh-keygen -t rsa -f ~/.ssh/[key file name] -C [user]
And add them to metadata.
Once done, check if you are able to ssh the instance using the internal IP. I was able to login successfully and also synced two directories using the rsync command with the internal IP.
rsync -v -e ssh ~/[source dir]/* [user]@[internal IP of instance B]:~/[destination dir]

Related

OpenVPN 2.8.5 hosted in EC2 Instance what is the best way to extract zipped files from local machine into cloud VPN directory?

I am trying to connect to IoT controllers via VPN.
The controllers are already set up. I only need to establish a VPN to have remote access.
For that I installed OpenVPN on an AWS EC2 instance.
To build the connection between OpenVPN and the clients, I need to create certificates and keys for the server and the clients.
The documentation says that I need to extract the easy-rsa 2 script bundle (zipped files) into the home directory of the OpenVPN: https://openvpn.net/community-resources/setting-up-your-own-certificate-authority-ca/
My question: How can I unzip a file from my local machine into the home directory of a cloud-hosted VPN?
UPDATE
Currently I am trying to transfer the zip to the OpenVPN instance via scp.
scp -i ~\OpenVPNKeys.pem easy-rsa-old-master.zip openvpnas@34.249.227.33:/home/
But I get the following error:
scp: /home/easy-rsa-old-master.zip: Permission denied
When I try:
scp -i ~\OpenVPNKeys.pem easy-rsa-old-master.zip openvpnas@34.249.227.33
without specifying the directory it works. I get the message:
1 Datei(en) kopiert
But then I have no clue where the file is saved. Does anyone know where files will be saved automatically?

Unable to connect to EC2 Linux instance in AWS. Error: Host key verification failed

I have created an EC2 Linux instance in AWS. I used the Ubuntu Server 20.04 LTS (HVM) AMI. After creating the instance I downloaded the key pair file (.pem). I gave it the name "EC2-Key-Pair". Then I launched the instance. Then, on my Kali Linux system, I opened a terminal in the directory where I saved the .pem file. After that I used this command:
chmod 400 EC2-Key-Pair
After running this command, I used this command:
ssh -i "EC2-Key-Pair.pem" ubuntu@ec2-13-232-252-152.ap-south-1.compute.amazonaws.com
Where ubuntu is the username and
ubuntu@ec2-13-232-252-152.ap-south-1.compute.amazonaws.com
is the Public IPv4 DNS of my instance. But when I executed this command I got this error:
Host key verification failed.
How do I fix this error? I have executed this command both with sudo and without sudo, but both ways failed. I even searched for the error on the internet and found a solution saying that I can fix this error by using this command:
ssh-keygen -R Hostname
Where I used my instance's public IPv4 DNS as Hostname:
ssh-keygen -R ec2-13-232-252-152.ap-south-1.compute.amazonaws.com
But it shows this error:
Cannot stat /home/sanniddha/.ssh/known_hosts: No such file or directory
[Screenshot: error after executing the SSH command as root user]
[Screenshot: error after executing the SSH command]
[Screenshot: error after executing ssh-keygen -R Hostname]
This error means that something has changed in your instance since the last login, and most probably you created the EC2 instance with no fixed IP assigned to it. So when you start this instance, it will get a (dynamic) IP and a DNS name which will be based on that IP.
If you shut down the instance and start it again a few hours later, it might get a new IP and a new DNS name.
The trouble you are getting is because the ssh key fingerprint changed. In general, it is not a bad thing and you accept the warning, but double-check everything.
What is an SSH key fingerprint and how is it generated?
What can cause a changed ssh fingerprint
In your case, it might be because you launched an instance earlier which had a similar DNS name that got added to the ~/.ssh/known_hosts file.
xx.xx.xx.xx ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBP2oAPXOCdClEnRzlXuxKtygT3AROcruefiPi6JPdzo+=
You can clean ~/.ssh/known_hosts by issuing the following command:
ssh-keygen -R ec2-13-232-252-152.ap-south-1.compute.amazonaws.com
As the IP got recycled on the AWS side for the instance when you launched a new instance, the new instance has a different ssh fingerprint from the one you have in your ~/.ssh/known_hosts file, hence the warning.
As pointed out already, you need to open port 22 for your IP to access the instance.
If possible, use the IP address instead of the DNS name for ssh. Plus, for ssh you don't need sudo.

Can't open a ssh tunnel from my linux shell (EC2 exposing an RDS db)

I'm struggling to open an ssh tunnel to access an RDS MySql instance through an EC2 bastion host. Using desktop clients (Navicat, MysqlWorkBench) with an ssh tunnel set, everything works as expected, but when I run ssh -i keys.pem user@ec2-instance -L 3307:rds-mysql-instance:3306 -N in my terminal the command hangs indefinitely.
I can access my EC2 instance using ssh -i keys.pem user@ec2-instance and from my EC2 instance I can access the RDS database.
Am I missing something in the configuration?
I also tried to open all ports on my Security Group just to be sure that it wasn't a port related issue.
Any help/idea?
Based on the comments.
To identify the issue, more verbose output from ssh can be requested using -v, -vv or even -vvv flags. Thus, the command for debugging can be:
ssh -i keys.pem user@ec2-instance -L 3307:rds-mysql-instance:3306 -N -vv
The detailed output made it possible to identify the issue with the connection and fix it.

Unable to connect to AWS EC2 instance (Permission denied publickey)

I am trying to connect to an EC2 instance which I recently spun up via the following SSH command from my Mac OS:
ssh -v -i ~/.ssh/mykey.pem ec2-***.us-east-2.compute.amazonaws.com
I have removed the exact DNS name as it is probably not relevant here. Before I attempted to connect, I took the following steps:
Added a rule for inbound SSH traffic (using my IP)
Created an SSH key in AWS before spinning up the instance
Placed the private key mykey.pem file in my user .ssh folder
I have read many SO questions and other documentation, which is why I was even able to put the above steps together. I am at a loss as to why I can't connect to my EC2 instance, but I am hoping someone will see a flaw in what I am doing here.
You are missing the user name:
ssh -i ~/.ssh/key.pem ec2-user@host-or-ip
Depending on the type of instance, that user name may be ec2-user (amazon linux) or ubuntu (ubuntu). Other versions may have different requirements (some older redhat instances still use root, for example), but that should cover most cases.

I don't want to attach an EIP to my chef-client

My Chef server is in a VPC. I want to execute this command without an EIP:
knife ec2 server create -r "role[test1]" -I ami-axxxxx --flavor t1.micro -x ubuntu --ssh-key JP_Key -Z us-east-1c --subnet subnet-c1b6d5a8 -g sg-b1e70bde -p 22 --fqdn mynewclientnode.example.com --tags Name=test_knife
I'm getting this error:
ERROR: Net::SSH::HostKeyMismatch: fingerprint 5f:4b:f6:4d:9b:8a:88:a0:9d:fd:9f:ea:5c:ad:31:ef does not match for "10.220.15.174"
10.220.15.174 is the IP of the newly launched instance.
When I attach an EIP, chef-client is installing.
Is there any way to do it?
This is not a Chef, knife, or AWS error. For security reasons, SSH stores the fingerprints of systems in a local cache the first time you connect. If that fingerprint changes (like if you re-provision a server using the same FQDN), SSH will throw this error. This is primarily to prevent MITM attacks (where you would be logging into a server that isn't what you think).
To fix this error, remove that fingerprint from your ~/.ssh/known_hosts file and run the command again.
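
Both host-key answers on this page (the EC2 "Host key verification failed" one and the knife one above) come down to comparing the key cached in ~/.ssh/known_hosts with the key the server really has before deleting the entry. The following is an added example, not code from any of the posts: it computes fingerprints in the MD5 colon-hex form shown in the Net::SSH error and in the SHA256 form, and flags cached entries that differ from a fingerprint obtained out of band. The key blobs are constructed sample data, and taking the trusted fingerprint from the new instance's console output is an assumption.

```python
import base64, hashlib, hmac, struct

def make_blob(seed):
    """Constructed ssh-ed25519 public-key blob (sample data, not a real host key)."""
    name, key = b"ssh-ed25519", bytes((seed + i) % 256 for i in range(32))
    return struct.pack(">I", len(name)) + name + struct.pack(">I", len(key)) + key

def fingerprints(blob):
    """Return (MD5 colon-hex, SHA256 base64) fingerprints of a public-key blob."""
    md5 = hashlib.md5(blob).hexdigest()
    sha = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    return ":".join(md5[i:i + 2] for i in range(0, 32, 2)), "SHA256:" + sha

def host_matches(pattern, host):
    """Exact match against a plain or hashed (|1|salt|hmac-sha1) host field."""
    if pattern.startswith("|1|"):
        _, _, salt, digest = pattern.split("|")
        mac = hmac.new(base64.b64decode(salt), host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(mac, base64.b64decode(digest))
    return pattern == host

def audit(known_hosts_text, host, trusted_fp):
    """Classify every cached key for `host` against an out-of-band fingerprint."""
    trusted = trusted_fp.removeprefix("MD5:")
    results = []
    for line in known_hosts_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0][0] in "#@":
            continue  # blank, comment, or @cert-authority/@revoked marker line
        if any(host_matches(p, host) for p in fields[0].split(",")):
            fps = fingerprints(base64.b64decode(fields[2]))
            status = "current" if trusted in fps else "stale"
            results.append((fields[1], fps[1], status))
    return results

# Constructed sample cache: the address was previously used by another instance.
OLD, NEW = make_blob(1), make_blob(2)
SAMPLE = "10.220.15.174 ssh-ed25519 " + base64.b64encode(OLD).decode() + "\n"

if __name__ == "__main__":
    # The trusted value would come from the new instance's console output (assumption).
    for keytype, fp, status in audit(SAMPLE, "10.220.15.174", fingerprints(NEW)[0]):
        print(keytype, fp, status)  # a "stale" entry is the one ssh-keygen -R removes
```

A "stale" result means the cached key differs from the verified one, which is the recycled-address case both answers describe; if the key the server presents also differs from the verified fingerprint, removing the entry does not make the connection trustworthy.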