我已经尝试解决这个问题一段时间了,但说实话我还是挺困惑的。
我刚刚启动了一台新服务器,并正在设置 OpenSSH 以使用基于密钥的 SSH 登录,但我遇到了一个相当棘手的问题。所有指南都相对相似,我一直在密切关注它们(尽管之前已经这样做过一次)。我仔细检查了我的工作,看看是否会发现一些明显的错误 - 但什么都没有发现。据我所知,我没有做错任何事(我已经非常仔细地检查过了)。
如果有任何帮助,我正在使用 Cygwin 并且服务器正在运行 Ubuntu 12.04.1 LTS。
无论如何,这里是输出(为了保护隐私,我删除/审查了一些部分(主要是我的名字、网站或其 IP 地址),但我可以向你保证那里没有任何问题):
$ ssh user@host -v
OpenSSH_5.9p1, OpenSSL 0.9.8r 8 Feb 2011
debug1: Connecting to host [ipaddress] port 22.
debug1: Connection established.
debug1: identity file /home/user/.ssh/id_rsa type 1
debug1: identity file /home/user/.ssh/id_rsa-cert type -1
debug1: identity file /home/user/.ssh/id_dsa type -1
debug1: identity file /home/user/.ssh/id_dsa-cert type -1
debug1: identity file /home/user/.ssh/id_ecdsa type -1
debug1: identity file /home/user/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1
debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA 24:68:c3:d8:13:f8:61:94:f2:95:34:d1:e2:6d:e7:d7
debug1: Host 'host' is known and matches the ECDSA host key.
debug1: Found key in /home/user/.ssh/known_hosts:2
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/user/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: /home/user/.ssh/id_dsa
debug1: Trying private key: /home/user/.ssh/id_ecdsa
debug1: No more authentication methods to try.
Permission denied (publickey).
我该如何解决我的问题?
答案1
当我尝试以目标计算机上不存在的虚拟用户身份登录时,或者密钥不在目标计算机上的 .ssh/authorized_keys 文件中时,我得到了该输出。您确定“用户”存在并且您的密钥在目标计算机上的 .ssh/authorized_keys 文件中吗?您尝试过 ssh-copy-id 吗?
答案2
经过深思熟虑,我决定最好删除 authorized_keys,而不是手动删除,只需使用ssh-copy-id
将密钥发送到服务器上。它似乎运行完美。