can't ssh to AWS Windows instance using cygwin

Posted 2019-09-21 16:21

I'm following the instructions here: https://docs.oracle.com/cd/E24628_01/install.121/e22624/preinstall_req_cygwin_ssh.htm#EMBSC340

Everything works fine until I get to Section 5.4, step 4. "Backup the c:\cygwin\etc\passwd file..." Guess what, there is no such file.

If I move on and turn on the cyg_server, then try to ssh to it from my local box, like any of the following attempts:

ssh -i "c:/users/Greg/.ssh/aws.pem" Admininistrator@ec2-52-89-66-113.us-west-2.compute.amazonaws.com
ssh Admininistrator@ec2-52-89-66-113.us-west-2.compute.amazonaws.com 
ssh cyg_server@ec2-52-89-66-113.us-west-2.compute.amazonaws.com 
ssh 52.89.66.113.us-west-2.compute.amazonaws.com

I get the following message:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:XZpY8q6txT+/CXh45b3JuiI8hMehnmH0s4ZXJWOoWAg.
Please contact your system administrator.
Add correct host key in /home/Greg/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/Greg/.ssh/known_hosts:32
ECDSA host key for 52.89.66.113 has changed and you have requested strict checking.
Host key verification failed.

Note: my local box is Windows, the remote box is Windows so what is /home/Greg/.ssh/known_hosts? There is no account Greg on the remote, only Administrator. There is c:/Users/Greg account on local box. In that there is .ssh. But in that there is no "known_hosts" file.

I've opened TCP port 22 on the remote firewall.

I've googled the error and see stuff about fixing it with keygen but have no idea if they are talking about running it on the local box or remote box. All so confusing!

SOLUTION: Ok, I got past that problem, now onto the next. What did I do? I had previously been able to ssh into remote machines from a dos shell because I had the PATH environment variable pointing to my %CYGWIN%/bin directory. That's handy but it also obfuscated where /home/Greg was located. So I brought up a separate cygwin shell and ran the ssh from there. Then it gave me a message something about not being able to create directory home/Greg directory. Ah ha! So I created it manually, and the .ssh folder inside that. Then I ran the ssh command again and this time it created the "known_hosts" file in the .ssh folder and then it actually connected!

BTW, I then did a search for "known_hosts" and found it in c:/cygwin/home/Greg/.ssh. Another ah ha moment!

Unfortunately, now it's not accepting the password. I'm not sure which password it's asking for? When I set up cygwin/sshd on the remote, I had created a password when I ran the ssh-host-config command. Is that the one it wants? I tried it but it didn't accept it. I assume the one it wants is the same one that was created when the AWS instance was launched, the same one I use to remote desktop into the instance. But it didn't accept that one either. Sheesh, why is this so hard!

2 answers
在下西门庆
Post #2 · 2019-09-21 16:40

I got past that problem. What did I do? I had previously been able to ssh into remote machines from a dos shell because I had the PATH environment variable pointing to my %CYGWIN%/bin directory. That's handy but it also obfuscated where /home/Greg was located. So I brought up a separate cygwin shell and ran the ssh from there. Then it gave me a message something about not being able to create directory home/Greg directory. Ah ha! So I created it manually, and the .ssh folder inside that. Then I ran the ssh command again and this time it created the "known_hosts" file in the .ssh folder and then it actually connected!

BTW, I then did a search for "known_hosts" and found it in c:/cygwin/home/Greg/.ssh. Another ah ha moment!

Lonely孤独者°
Post #3 · 2019-09-21 16:43

I explained this error message in the SO Documentation like this:

REMOTE HOST IDENTIFICATION HAS CHANGED!

A common error when using ssh is to see an error like

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
SHA256:L5ri/Xdgpuals893ej1z5F1wlg1n2YNeBf/tsABX+QQ.
Please contact your system administrator.
Add correct host key in /Users/username/.ssh/known_hosts to get rid of this message.
Offending RSA key in /Users/username/.ssh/known_hosts:12
RSA host key for *IP address* has changed and you have requested strict checking.
Host key verification failed.

This means that you connected to the same server before and it was identified using different host keys. If you are aware you changed the server keys, reinstalled the server or the server administrator announced some changes, it is usually ok to remove the old key and let ssh store the new one.

The old key can be transparently removed using ssh-keygen:

ssh-keygen -R *IP address*

And next connection should ask you to verify the new fingerprint:

ssh 192.168.0.128
The authenticity of host '192.168.0.128 (192.168.0.128)' can't be established.
ECDSA key fingerprint is SHA256:L5ri/Xdgpuals893ej1z5F1wlg1n2YNeBf/tsABX+QQ.
Are you sure you want to continue connecting (yes/no)? 

If you are not aware of any of the above, it is best to contact your server administrator to make sure that everything is ok. If not, the potential attacker would be able to get both your authentication information and all transferred data!
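As an added example (not part of the answer above), this sketch shows how the "verify the new fingerprint" step can be done mechanically: it computes the OpenSSH-style SHA256 fingerprint of a known_hosts or ssh-keyscan line and compares it to a fingerprint obtained over a trusted channel, such as a console or remote desktop session on the server itself. The sample host `192.0.2.10`, the dummy key bytes and all function names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct


def make_sample_line(host="192.0.2.10"):
    """Constructed sample: an ssh-ed25519 known_hosts line built from dummy key bytes."""
    ktype = b"ssh-ed25519"
    blob = struct.pack(">I", len(ktype)) + ktype + struct.pack(">I", 32) + bytes(range(32))
    return f"{host} ssh-ed25519 {base64.b64encode(blob).decode()}"


def fingerprint(known_hosts_line):
    """Return the SHA256 fingerprint, in the form ssh prints it, for one key line."""
    fields = known_hosts_line.split()
    if fields and fields[0].startswith("@"):
        fields = fields[1:]  # skip markers such as @cert-authority or @revoked
    if len(fields) < 3:
        raise ValueError("expected: <hosts> <keytype> <base64-key>")
    declared_type, b64 = fields[1], fields[2]
    blob = base64.b64decode(b64, validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    # The blob begins with a length-prefixed key type; it must match the text field.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n].decode("ascii", "replace") != declared_type:
        raise ValueError("key type in blob does not match declared type")
    digest = hashlib.sha256(blob).digest()
    # ssh prints the base64 digest without '=' padding.
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def matches_trusted(known_hosts_line, trusted_fp):
    """True only if the presented key hashes to the fingerprint obtained out of band."""
    presented = fingerprint(known_hosts_line).encode()
    return hmac.compare_digest(presented, trusted_fp.strip().encode())


if __name__ == "__main__":
    line = make_sample_line()
    print(fingerprint(line))
    # A fingerprint that does not belong to this key must be rejected.
    print(matches_trusted(line, "SHA256:XZpY8q6txT+/CXh45b3JuiI8hMehnmH0s4ZXJWOoWAg"))
```

Only when the comparison succeeds is it reasonable to remove the old entry with `ssh-keygen -R` and accept the new key.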
