- 最新
- 最多得票
- 最多評論
Hey there, You mention that you cannot SSH into your instance due to the error “2 Too many authentication failures”. The authentication failures can occur due to the etc/ssh/sshd_config, which is where the MaxAuthTries (maximum Authentication tries) setting to a # (bastion host) is and the value is a small number. The default value for the MaxAuthTries is 6 . This happens when multiple keys are configured within the SSH-Agent and the client uses all keys to connect to the server. With all the keys failing authentication the server will then close the connection and produce the mentioned error.
To resolve the issue remove keys from the SSH-agent:
ssh-add -L
Shows all keys on keychain
Ssh-add-D
Deletes all the keys from the keychain
Ssh -A user@<bastion-IP-address>
To connect to your instance
Alternate solutions: ssh key forwarding manually
ssh-add myPrivateKey.pem
ssh-add –L
ssh –A user@<bastion-IP-address>
Alternate solutions:
- Increase the MaxAuthTries on the server
- Edit the ~/.ssh/config (on the client) and add IdentitiesOnly blocks so that a connection to a specific host only tries the associated key
- Force non-key authentication, e.g.: ssh -o PubkeyAuthentication=no romain@hostname.com
References :
[1] https://cloudmaniac.net/how-to-fix-ssh-too-many-authentication-failures/
[2] https://stackoverflow.com/questions/31051504/unable-to-connect-from-ec2-server
