SSH to new Lightsail instance

0

I just started using AWS, and I don't think I have upgraded my Lightsail instance properly I started out with a free tier small instance running Ubuntu. It is working just fine, but I had some memory issues and decided to upgrade to the next size up on the free tier. I followed the instructions in this article: https://lightsail.aws.amazon.com/ls/docs/en_us/articles/how-to-create-larger-instance-from-snapshot-using-console. The process seemed to work properly, but I can't connect to the instance directly with the browser-based ssh client. If I use the browser connection, I get a CLIENT_UNAUTHORIZED [769] error. I looked at this article: https://aws.amazon.com/premiumsupport/knowledge-center/lightsail-resolve-ssh-console-errors/, but it didn't seem to apply as both instances are running Ubuntu 22.04.1 LTS and /etc/ssh/sshd_config had CASignatureAlgorithms set to ssh_rsa (CASignatureAlgorithms +ssh-rsa). If I use PuTTY, I can connect. What can I/should I do to get the ssh link to work?

I tried rebooting, and I tried deleting and recreating the instance. Neither allowed me to connect with the browser-based ssh client in my lightsail dashboard. I normally connect with PuTTY, but the original instance was working fine a couple of days ago with the browser-based client. I've never been able to use the browser-based client to connect to this new instance.

Thanks for any help and suggestions--

Al

asked 2 years ago422 views
1 Answer
0

Hello, your problem can be resolve by adding the following properties and values to /etc/ssh/sshd_config

TrustedUserCAKeys /etc/ssh/lightsail_instance_ca.pub
PubkeyAcceptedKeyTypes +ssh-rsa-cert-v01@openssh.com,ssh-rsa
PubkeyAcceptedAlgorithms +ssh-rsa-cert-v01@openssh.com,ssh-rsa
CASignatureAlgorithms +ssh-rsa

After you update the config file, you can run the following command to make sure you have a good config

sshd -T

After that, you can run the following command to restart sshd

sudo systemctl restart sshd

browser based ssh would be recover for your instance.

AWS
yujie
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions