为什么我坚持要问一个问题
我快速搜索了一下这个问题,并尝试了一些解决方案。但都没有用。
我做了什么
Termux 作为主机。安装了apt install openssh,创建了公钥ssh-keygen,密码为空。然后我继续使用cat id_rsa.pub >> authorized_keys。尝试在ssh localhost -p 8022 -i id_rsa主机上使用 ssh。没问题。但在ssh IP -p 8022 -i id_rsa客户机上使用,没有运气。我得到Permission denied (publickey,keyboard-interactive)
sshd -d
从主机(成功)
$ sshd -d debug1: sshd version OpenSSH_7.8, OpenSSL 1.1.1 11 Sep 2018 debug1: private host key #0: ssh-rsa SHA256:iFL8gWX/82tKCisCVLKZBNPOqjhCJkc7FsMnrpgnvLQ debug1: private host key #1: ecdsa-sha2-nistp256 SHA256:e6xyxgJ4tsTWSgh/l8ugijsCnJNz10tc+CLtuLFiUvE debug1: private host key #2: ssh-ed25519 SHA256:5+j3igYvX5HjpIMV9OikSdhN9JxDzxhHkDfkA7huHp8 debug1: rexec_argv[0]='/data/data/com.termux/files/usr/bin/sshd' debug1: rexec_argv[1]='-d' debug1: Bind to port 8022 on ::. Server listening on :: port 8022. debug1: Bind to port 8022 on 0.0.0.0. Server listening on 0.0.0.0 port 8022. debug1: Server will not fork when running in debugging mode. debug1: rexec start in 7 out 7 newsock 7 pipe -1 sock 10 debug1: inetd sockets after dupping: 5, 5 Connection from 127.0.0.1 port 54583 on 127.0.0.1 port 8022 debug1: Client protocol version 2.0; client software version OpenSSH_7.8 debug1: match: OpenSSH_7.8 pat OpenSSH* compat 0x04000000 debug1: Local version string SSH-2.0-OpenSSH_7.8 debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: ecdsa-sha2-nistp256 debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none debug1: expecting SSH2_MSG_KEX_ECDH_INIT debug1: rekey after 134217728 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: rekey after 134217728 blocks debug1: KEX done debug1: userauth-request for user u0_a121 service ssh-connection method none debug1: attempt 0 failures 0 Failed none for u0_a121 from 127.0.0.1 port 54583 ssh2 debug1: userauth-request for user u0_a121 service ssh-connection method publickey debug1: attempt 1 failures 0 debug1: userauth_pubkey: test pkalg rsa-sha2-512 pkblob RSA SHA256:R9btL/xmY/LOZrXIoPjARJxTpAkWUyR4QB5bAIVlEh0 debug1: temporarily_use_uid: 10121/10121 (e=10121/10121) debug1: trying public key file /data/data/com.termux/files/home/.ssh/authorized_keys debug1: fd 9 clearing O_NONBLOCK debug1: /data/data/com.termux/files/home/.ssh/authorized_keys:2: matching key found: RSA SHA256:R9btL/xmY/LOZrXIoPjARJxTpAkWUyR4QB5bAIVlEh0 debug1: /data/data/com.termux/files/home/.ssh/authorized_keys:2: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding Accepted key RSA SHA256:R9btL/xmY/LOZrXIoPjARJxTpAkWUyR4QB5bAIVlEh0 found at /data/data/com.termux/files/home/.ssh/authorized_keys:2 debug1: restore_uid: (unprivileged) Postponed publickey for u0_a121 from 127.0.0.1 port 54583 ssh2 debug1: userauth-request for user u0_a121 service ssh-connection method publickey debug1: attempt 2 failures 0 debug1: temporarily_use_uid: 10121/10121 (e=10121/10121) debug1: trying public key file /data/data/com.termux/files/home/.ssh/authorized_keys debug1: fd 9 clearing O_NONBLOCK debug1: /data/data/com.termux/files/home/.ssh/authorized_keys:2: matching key found: RSA SHA256:R9btL/xmY/LOZrXIoPjARJxTpAkWUyR4QB5bAIVlEh0 debug1: /data/data/com.termux/files/home/.ssh/authorized_keys:2: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding Accepted key RSA SHA256:R9btL/xmY/LOZrXIoPjARJxTpAkWUyR4QB5bAIVlEh0 found at /data/data/com.termux/files/home/.ssh/authorized_keys:2 debug1: restore_uid: (unprivileged) debug1: auth_activate_options: setting new authentication options Accepted publickey for u0_a121 from 127.0.0.1 port 54583 ssh2: RSA SHA256:R9btL/xmY/LOZrXIoPjARJxTpAkWUyR4QB5bAIVlEh0 debug1: active: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding debug1: Entering interactive session for SSH2. debug1: server_init_dispatch debug1: server_input_channel_open: ctype session rchan 0 win 1048576 max 16384 debug1: input_session_request debug1: channel 0: new [server-session] debug1: session_new: session 0 debug1: session_open: channel 0 debug1: session_open: session 0: link with channel 0debug1: session_open: session 0: link with channel 0 debug1: server_input_channel_open: confirm session debug1: server_input_global_request: rtype [email protected] want_reply 0 debug1: server_input_channel_req: channel 0 request pty-req reply 1 debug1: session_by_channel: session 0 channel 0 debug1: session_input_channel_req: session 0 req pty-req debug1: Allocating pty. debug1: session_pty_req: session 0 alloc /dev/pts/2 debug1: server_input_channel_req: channel 0 request env reply 0 debug1: session_by_channel: session 0 channel 0 debug1: session_input_channel_req: session 0 req env debug1: server_input_channel_req: channel 0 request shell reply 1 debug1: session_by_channel: session 0 channel 0 debug1: session_input_channel_req: session 0 req shell Starting session: shell on pts/2 for u0_a121 from 127.0.0.1 port 54583 id 0 debug1: Setting controlling tty using TIOCSCTTY.来自客户机(权限被拒绝)
$ sshd -d debug1: sshd version OpenSSH_7.8, OpenSSL 1.1.1 11 Sep 2018 debug1: private host key #0: ssh-rsa SHA256:iFL8gWX/82tKCisCVLKZBNPOqjhCJkc7FsMnrpgnvLQ debug1: private host key #1: ecdsa-sha2-nistp256 SHA256:e6xyxgJ4tsTWSgh/l8ugijsCnJNz10tc+CLtuLFiUvE debug1: private host key #2: ssh-ed25519 SHA256:5+j3igYvX5HjpIMV9OikSdhN9JxDzxhHkDfkA7huHp8 debug1: rexec_argv[0]='/data/data/com.termux/files/usr/bin/sshd' debug1: rexec_argv[1]='-d' debug1: Bind to port 8022 on ::. Server listening on :: port 8022. debug1: Bind to port 8022 on 0.0.0.0. Server listening on 0.0.0.0 port 8022. debug1: Server will not fork when running in debugging mode. debug1: rexec start in 7 out 7 newsock 7 pipe -1 sock 10 debug1: inetd sockets after dupping: 5, 5 Connection from 192.168.0.154 port 45802 on 192.168.0.197 port 8022 debug1: Client protocol version 2.0; client software version OpenSSH_7.4p1 Debian-10+deb9u4 debug1: match: OpenSSH_7.4p1 Debian-10+deb9u4 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002 debug1: Local version string SSH-2.0-OpenSSH_7.8 debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: ecdsa-sha2-nistp256 debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none debug1: expecting SSH2_MSG_KEX_ECDH_INIT debug1: rekey after 134217728 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: rekey after 134217728 blocks debug1: KEX done debug1: userauth-request for user izzatnasrun service ssh-connection method none debug1: attempt 0 failures 0 Failed none for izzatnasrun from 192.168.0.154 port 45802 ssh2 debug1: userauth-request for user izzatnasrun service ssh-connection method keyboard-interactive debug1: attempt 1 failures 0 debug1: keyboard-interactive devs debug1: auth2_challenge: user=izzatnasrun devs= debug1: kbdint_alloc: devices '' Failed keyboard-interactive for izzatnasrun from 192.168.0.154 port 45802 ssh2 Connection closed by authenticating user izzatnasrun 192.168.0.154 port 45802 debug1: do_cleanup
笔记
主机上的权限如下
chmod 600 ~/.ssh/authorized_keys chmod 700 ~/.ssh chmod 700 ~Termux sshd 默认设置为 8022
- Termux 不接受密码,因此
PasswordAuthentication no是必须的
答案1
公钥应该在客户机上创建。因此,客户机ssh-keygen和cat id_rsa.pub >> authorized_keys主机都id_rsa.pub来自客户机和authorized_keys主机。