AWS connection error - amazon-web-services

I am trying to connect to the Ubuntu VM on AWS, it was working fine but now shows:-
Permission denied (publickey).
when I run ssh-add /Users/username/Desktop/SSH_KEYS/* , I can connect although i get a warning WARNING: UNPROTECTED PRIVATE KEY FILE!
but after connection I get
1 update is a security update.
System restart required
and each time I reboot my mac machine I need to run ssh-add /Users/username/Desktop/SSH_KEYS/* again
Also when I am connected if I try to run
$ nvidia-smi
I get the following error:-
Failed to initialize NVML: Driver/library version mismatch
Can you please explain what is the reason for all this?
Thanks

Related

GCP - can't SSH into VM from console - Error updating SSH keys

I can't ssh into my VM, the firewall is open with port 22, my IP, and IAP IP range, I'm the owner of the project, so I go to the serial port to find out why.
I just found those error logs, but I don't quite understand all of them.
GCEGuestAgent Error non_windows_accounts.go:158: Error updating SSH keys for {USER}: mkdir /home/{USER}/.ssh: no such file or directory.
OSConfigAgent Warning: Error waiting for task (attempt 1 of 10): rpc error: code = Unavailable desc = 502:Bad Gateway
OSConfigAgent Warning: Error waiting for task (attempt 1 of 10): rpc error: code = Unavailable desc = transport is closing
I found some Groups conversation with your same issue "Unable to SSH to instance", seems your error is from the guest agent.
And also if the first resolution step is not working, try this documentation Metadata-managed SSH connections to change linux username, and creates an ephemeral SSH key pair.
Since I just did some tests. I found where is the problem which is the VM is missing the directory and the guest agent is not able to make a new directory . Therefore, the approach is to create manually a path with /home/{USER}/.ssh
After that, try to ssh into VM again, you would work well. and you will see the /home/{USER}/.ssh/authorized_keys this file.
I don't know why the guest agent was not able to mkdir the folder. But this approach works for me.

Creating a user and adding public key on aws ec2 instance

I've created a user and copied the public key to .ssh/authorized_key for that new user and also I've set the pubkeyauthentication to yes on /etc/ssh/sshd_config after saving the file restarted the sshd service.
When I try to ssh from the new user I am getting error:
Permission denied (publickey,gssapi-keyex,gssapi-with-mic)
Am I missing any step here to ssh from the new user account?
When I check the status for sshd.servive I see error:
AuthorizedKeysCommand /opt/aws/bin/eic_run_authorized_keys xxxx SHA256:84NyibLXFppE4BGIM+1e5iO...status 22
Had the same issue error: AuthorizedKeysCommand /opt/aws/bin/eic_run_authorized_keys ec2-user.
Make sure the file permission is user only (600) in the $HOME/.ssh directory on the SSH client side host.
"error: AuthorizedKeysCommand /opt/aws/bin/eic_run_authorized_keys ...snip... failed, status 22" error #20
FYI
To debug:
sudo tail -f /var/log/secure to monitor the reason why SSH refuses the connection.
Make sure $HOME/.ssh/authorized_key content on EC2 instance is correctly match with your ssh private key in the SSH client host.
Make sure correct private key is being used, use -i option to explicitly specify which key you use.
You might want to check the algorithm you are using to generate the key.
I saw exactly the same error message when using the ECDSA algorithm but fixed the problem by using RSA instead (ssh-keygen -t rsa).
If you want to dig deeper you can try
ssh -Q key
to get a list of supported key types.

CentOS - No route to host when trying git clone

I'm trying to clone a repo from github by using the command:
git clone https://github.com/
However, I'm getting the below error:
fatal: unable to access "https://github.com/...." : Failed connect to ip addr : port; No route to host
I have tried several things including turning the firewall off.
systemctl status firewalld
shows inactive status.
Does anyone have an idea what I might be missing here?
Check if the system has access to internet. It can be a problem with the nameserver. It should be defined here: /etc/resolv.conf

SSH tunnelling to a remote server with django

I'm trying to set up an SSH tunnel to access my server (currently an ubuntu 16.04 VM on Azure) to set up safe access to my django applications running on it.
I was able to imitate the production environment with Apache WSGI and it works pretty good but since I'm trying to develop the application I don't want to make it available to broader public right now - but to make it visible only for a bunch of people.
To the point: when I set up the ssh tunnel using putty on Windows 10 (8000 to localhost:8000) and I run http://localhost:8000/ I get the folowing error:
"Not Found HTTP Error 404. The requested resource is not found.".
How can I make it work? I run the server using manage.py runserver 0:8000.
I found somewhere that the error may be due to the fact that the application does not have access to ssh files, but I don't know whether that's the point here (or how to change it).
Regards,
Dominik
After hours of trying I was able to solve the problem.
First of all, I made sure putty connects to the server and creates the desired tunnel. To do that I right-clicked on the putty window (title bar) and clicked event log. I checked the log and found the following error:
Local port 8000 forwarding to localhost:8000 failed: Network error:
Permission denied
I was able to solve it by choosing other local port (9000 instead of 8000 in my instance).
Second of all, I edited the sshd_config file: sudo vi etc/ssh/sshd_config
and added these three lines:
AllowAgentForwarding yes
AllowTcpForwarding yes
GatewayPorts yes
I saved the file and restarted the ssh service:
sudo service ssh stop
sudo service ssh start
Now when I visit localhost:9000 everything works just fine.

Linux denies permission on socket bind using boost asio

I'm having a problem binding a socket and I get permision denied when running the program as a user. this line of code generates an error.
_acceptor = new boost::asio::ip::tcp::acceptor(io, boost::asio::ip::tcp::endpoint(boost::asio::ip::tcp::v4(), serverPort));
the error is
terminate called after throwing an instance of 'boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::system::system_error> >'
what(): bind: Permission denied
However, if I run as root it works fine. I've tried disabling apparmor and firewall with
sudo service apparmor stop
sudo ufw disable
but I still have the problem. Am I missing something that could deny permision?
I'd really like to figure this out as I don't like running my IDE and an unproven program as root.
I'm running xubuntu 13.10 with all updates installed.
On unix systems, the first 1024 port are restricted to the root user only so if serverPort < 1024 you should try something > 1024