两台服务器,同步配置和ssh密钥。连接到目标时,第一台服务器切换到密码模式:
debug1: Authentications that can continue: password,publickey,keyboard-interactive
debug3: start over, passed a different list password,publickey,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /root/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-dss blen 433
debug2: input_userauth_pk_ok: fp xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx
debug3: sign_and_send_pubkey
debug1: read PEM private key done: type DSA
Authenticated with partial success.
debug1: Authentications that can continue: password,publickey,keyboard-interactive
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug2: input_userauth_info_req
Password Authentication
debug2: input_userauth_info_req: num_prompts 1
Password:
当第二台服务器进入无限循环时:
debug1: Authentications that can continue: password,publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering DSA public key: /root/.ssh/id_dsa
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-dss blen 433
debug2: input_userauth_pk_ok: fp xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx [MD5]
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type DSA
Authenticated with partial success.
debug2: key: /root/.ssh/id_dsa ((nil)), explicit
debug1: Authentications that can continue: password,publickey,keyboard-interactive
debug1: Trying private key: /root/.ssh/id_dsa
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type DSA
debug2: we sent a publickey packet, wait for reply
Authenticated with partial success.
debug2: key: /root/.ssh/id_dsa ((nil)), explicit
debug1: Authentications that can continue: password,publickey,keyboard-interactive
debug1: Trying private key: /root/.ssh/id_dsa
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type DSA
debug2: we sent a publickey packet, wait for reply
Authenticated with partial success.
debug2: key: /root/.ssh/id_dsa ((nil)), explicit
debug1: Authentications that can continue: password,publickey,keyboard-interactive
debug1: Trying private key: /root/.ssh/id_dsa
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type DSA
debug2: we sent a publickey packet, wait for reply
Authenticated with partial success.
debug2: key: /root/.ssh/id_dsa ((nil)), explicit
debug1: Authentications that can continue: password,publickey,keyboard-interactive
debug1: Trying private key: /root/.ssh/id_dsa
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type DSA
debug2: we sent a publickey packet, wait for reply
....
知道原因吗?
答案1
看来问题出在 ssh 客户端二进制文件上:
OpenSSH_6.6.1p1, OpenSSL 0.9.8j-fips 07 Jan 2009
复制旧的 ssh 二进制文件后,我能够连接到目标服务器。
答案2
我的情况略有不同。我有一个脚本,它通过 sftp 从远程服务器下载文件,并进行密码验证(借助 expect)。当我升级操作系统(Solaris10 x86)时,sftp 突然停止询问密码:
$ sftp -b batches/batch_file [email protected]
Permission denied (password).
Connection closed
当我添加-o BatchMode=no到命令行时,出现密码提示:
$ sftp -o BatchMode=no -b batches/batch_file [email protected]
[email protected]'s password: