2

So we were working on configurations for a soon to be production server. After making some configuration changes, we rebooted the machine and we got the dreaded "server refused connection" message.

I tried creating an AMI and re-launching to try and replace the cert. This did not work.

I have also followed the instrucions on unmounting the hard drive and replacing authorized_keys and then re-attaching it. I have done this several times. This did not work.

The only thing I can think of was that we added a person into the sudoer's file a while back. I have since replaced the sudoers file with a copy that I know works but that doesn't seem to help either.

How do I go about debugging and perhaps fixing the issue. I just thought that I could look in the log from AWS console, but I didn't really find much. I have an older version of the server that is functional as an AMI but it is missing a lot of work that we did recently. Just got sidetracked but was on my list of things to do - as you can see I do make backups - just not as often as I should apparently.

Can anyone please help me debug what is might be the problem.

Other possibilities I have checked permissions? I believe I have 700 on .ssh folder 600 on authorized_keys

the keys are in a /home/bitnami folder although I use the user ubuntu to login. This is based on a bitnami AMI - I have verified that I do in fact use ubuntu to login, but there is only a bitnami user.

I use putty but this is what Event Log looks like:

2016-03-18 21:31:12 Using SSH protocol version 2
2016-03-18 21:31:12 We claim version: SSH-2.0-PuTTY_Release_0.63
2016-03-18 21:31:12 Doing Diffie-Hellman group exchange
2016-03-18 21:31:12 Doing Diffie-Hellman key exchange with hash SHA-256
2016-03-18 21:31:12 Host key fingerprint is:
2016-03-18 21:31:12 ssh-rsa 2048 1f:25:5b:d4:af:e6:b8:b5:e2:97:a7:76:b7:bf:ca:b2
2016-03-18 21:31:12 Initialised AES-256 SDCTR client->server encryption
2016-03-18 21:31:12 Initialised HMAC-SHA-256 client->server MAC algorithm
2016-03-18 21:31:12 Initialised AES-256 SDCTR server->client encryption
2016-03-18 21:31:12 Initialised HMAC-SHA-256 server->client MAC algorithm
2016-03-18 21:31:12 Reading private key file "C:\Users\mzuniga\keys\abc.ppk"
2016-03-18 21:31:31 Offered public key
2016-03-18 21:31:31 Server refused our key
2016-03-18 21:31:31 Disconnected: No supported authentication methods available (server sent: publickey)

AWS Console Log

/opt/bitnami/apache2/scripts/ctl.sh : httpd started at port 80
* Stopping System V runlevel compatibility[74G[ OK ]
     * Starting execute cloud user/final scripts[74G[ OK ]Cloud-init v. 0.7.5 running 'modules:final' at 
    Sat, 19 Mar 2016 04:16:00 +0000. Up 99.63 seconds.
    ci-info: +++++++++Authorized keys from /home/bitnami/.ssh/authorized_keys for user ubuntu++++++++++

Looks like the OS is still somewhat in tact. Is there a strategy I can take on replacing directories to recover what I need? I already tried replacing the entire bitnmai directory which seems to have the keys- then maybe try the /etc directory, etc?

I currently have a working older version with the current non-working version mounted on /data. I have verified that on the working version there is no /home/ubuntu folder. This is initially a bitnami ami for magento and the working version is recent after uploading all the content but no major configs. I have verified that the authorized_keys are found under /home/bitnami/.ssh/ folder even though I use ubuntu to login as noted in the AWS console log and also by tinkering with this for quite some time.

I also can verify that you cannot login with user ubuntu or user bitnami, but you can use either on an older working version.

1 Answers1

1

In order to fix the situation, I used an older ami and launched that machine. I then mounted the current drive to the old machine to a folder named /data

I used the command I copied the /etc folder

sudo cp -a /etc /data/

I also copied the user folder

sudo cp -a /home/bitnami /data/home

I also copied the root folder as I noticed there were some changes in there

sudo cp -a /root /data

I went through many iterations and realized that perhaps I was not setting permissions correctly when I was copying previously and then came across a post which told me to use -a option when running cp. Once I went through and copied all of those folders (which included the keys), I was able to login again.

Once I did all this, I remounted the drive on the original machine and I was able to login again.