解决了。​​Lubuntu 14.04.4 ssh-agent 配置:我遗漏了什么

解决了。​​Lubuntu 14.04.4 ssh-agent 配置:我遗漏了什么

关于 ssh-agent 有很多问题,但所描述的情况似乎都与我的问题不符。

首先,我使用的是 Lubuntu 14.04.4。

我已遵循以下说明(在 arch wiki 中找到):

$ ssh-agent
$ eval $(ssh-agent)
$ ssh-add ~/.ssh/id_dsa

但当我这样做时:

$ ssh -p 22 [email protected]

它要求输入密码。

(有一个实际的 IP 地址,我只是不想分享它 ;-))

我找到了一个地方来验证以下内容:

$ echo $SSH_AUTH_SOCK
/tmp/ssh-tw1EdcXYFnDd/agent.6550

我理解这是一个有效的输出。

那么我遗漏了什么?

我也尝试使用 ssh-pass,但没有任何反应。

否则,我可以手动登录,只是不断输入密码很麻烦......

提前致谢。

Muru 询问输出

    OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: /etc/ssh/ssh_config line 19: Applying options for *
    debug2: ssh_connect: needpriv 0
    debug1: Connecting to xxx.xxx [xx.xxx] port xxx.
    debug1: Connection established.
    debug1: identity file /home/jofre/.ssh/id_rsa type 1
    debug1: identity file /home/jofre/.ssh/id_rsa-cert type -1
    debug1: identity file /home/jofre/.ssh/id_dsa type -1
    debug1: identity file /home/jofre/.ssh/id_dsa-cert type -1
    debug1: identity file /home/jofre/.ssh/id_ecdsa type -1
    debug1: identity file /home/jofre/.ssh/id_ecdsa-cert type -1
    debug1: identity file /home/jofre/.ssh/id_ed25519 type -1
    debug1: identity file /home/jofre/.ssh/id_ed25519-cert type -1
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.7
    debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.7
    debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.7 pat OpenSSH_6.6.1* compat 0x04000000
    debug2: fd 3 setting O_NONBLOCK
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug2: kex_parse_kexinit: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
    debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],[email protected],[email protected],[email protected],ssh-ed25519,ssh-rsa,ssh-dss
    debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
    debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
    debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: none,[email protected],zlib
    debug2: kex_parse_kexinit: none,[email protected],zlib
    debug2: kex_parse_kexinit: 
    debug2: kex_parse_kexinit: 
    debug2: kex_parse_kexinit: first_kex_follows 0 
    debug2: kex_parse_kexinit: reserved 0 
    debug2: kex_parse_kexinit: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
    debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
    debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
    debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
    debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: none,[email protected]
    debug2: kex_parse_kexinit: none,[email protected]
    debug2: kex_parse_kexinit: 
    debug2: kex_parse_kexinit: 
    debug2: kex_parse_kexinit: first_kex_follows 0 
    debug2: kex_parse_kexinit: reserved 0 
    debug2: mac_setup: setup [email protected]
    debug1: kex: server->client aes128-ctr [email protected] none
    debug2: mac_setup: setup [email protected]
    debug1: kex: client->server aes128-ctr [email protected] none
    debug1: sending SSH2_MSG_KEX_ECDH_INIT
    debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
    debug1: Server host key: ccccccccccccccccccccccccc (modified by Jofre)
    debug1: Host '[xxxxxxxxx]:yyy' is known and matches the ECDSA host key.
    debug1: Found key in /home/jofre/.ssh/known_hosts:6
    debug1: ssh_ecdsa_verify: signature correct
    debug2: kex_derive_keys
    debug2: set_newkeys: mode 1
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug2: set_newkeys: mode 0
    debug1: SSH2_MSG_NEWKEYS received
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug2: service_accept: ssh-userauth
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug2: key: /home/jofre/.ssh/id_rsa (xxxxxxxxxxxxxxxx),
    debug2: key: /home/jofre/.ssh/id_dsa ((nil)),
    debug2: key: /home/jofre/.ssh/id_ecdsa ((nil)),
    debug2: key: /home/jofre/.ssh/id_ed25519 ((nil)),
    debug1: Authentications that can continue: publickey,password
    debug1: Next authentication method: publickey
    debug1: Offering RSA public key: /home/jofre/.ssh/id_rsa
    debug2: we sent a publickey packet, wait for reply
    debug1: Authentications that can continue: publickey,password
    debug1: Trying private key: /home/jofre/.ssh/id_dsa
    debug1: key_parse_private2: missing begin marker
    debug1: key_parse_private_pem: PEM_read_PrivateKey failed
    debug1: read PEM private key done: type <unknown>
    Enter passphrase for key '/home/jofre/.ssh/id_dsa': 

我已经用 xxxxxxx 或 cccccccc 替换了我认为的敏感信息。

无论如何,感谢您询问更多信息。

2016 年 5 月 27 日更新:根据 Waltinator 的观察,我收到了有关文件格式的消息,我检查了一下,没有发现任何明显的错误。很正常,因为该文件从未被手动编辑过。

我干脆放弃了,按照 Julen 的建议生成一个新的无密码密钥并使用 ssh-copy-id。它有效。我已将标题标记为已解决。

答案1

使用 查看你的钥匙圈中有哪些钥匙ssh-add -l

最后几行日志:

debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/jofre/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/jofre/.ssh/id_dsa
debug1: key_parse_private2: missing begin marker
debug1: key_parse_private_pem: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Enter passphrase for key '/home/jofre/.ssh/id_dsa': 

显示您的ssh命令从 发送您的公钥/home/jofre.ssh.id_rsa,并等待回复。sshd另一端的服务器不接受您的私钥(正如@julen-larrucea:所说,使用ssh-copy-id来获取另一端可用的密钥)。

然后,您ssh尝试使用不同的密钥文件,/home/jofre/.ssh/id_dsa但该文件格式不正确(missing begin marker),因此它放弃并提示您输入/home/jofre/.ssh/id_dsa格式错误的文件的密码。阅读man ssh-keygen,并可能mv /home/jofre/.ssh/id_dsa\{,.hidden\}将其重命名为/home/jofre/.ssh/id_dsa.hidden,这将使它ssh被忽略,并将其保存在您可以取回的地方。

相关内容