我最近将主机从 Ubuntu 14.04 升级到 18.04,当我尝试ssh在 18.04 下使用时,收到错误消息key_load_public: invalid format。
我在此主机(和远程)上使用的密钥对的公钥部分如下所示:
command="/root/bin/rsync_only" ssh-rsa AAAAB...kEzWH0cMQ== root@vargas
看来如果我删除该command=部分,我就不会收到invalid format错误。多年来它一直运行良好。有人知道为什么现在这是一个问题吗?
/root/bin/rsync_only
#!/bin/sh
case "$SSH_ORIGINAL_COMMAND" in
*\&*)
echo "Rejected"
;;
*\;*)
echo "Rejected"
;;
rsync\ --server*)
$SSH_ORIGINAL_COMMAND
;;
*)
echo "Rejected"
;;
esac
ssh-vvv
# ssh remote_host -i ~/.ssh/id_rsync -vvv
OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n 7 Dec 2017
debug1: Reading configuration data /root/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "remote_host" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to remote_host [10.10.16.1] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
key_load_public: invalid format
...
Ubuntu 14.04 的 ssh 和 -vvv 输出
ubuntu-14.04 # ssh remote_host -i ~/.ssh/id_rsync
Rejected
Connection to remote_host closed.
ubuntu-14.04# ssh remote_host -i ~/.ssh/id_rsync -vvv
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /root/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to remote_host [10.10.16.1] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug3: Incorrect RSA1 identifier
debug3: Could not load "/root/.ssh/id_rsync" as a RSA1 public key
debug2: key_type_from_name: unknown key type 'command="/root/bin/rsync_only"'
debug3: key_read: missing keytype
...
答案1
command="/root/bin/rsync_only" ssh-rsa AAAAB...kEzWH0cMQ== root@vargas
command="/root/bin/rsync_only"从公钥文件中删除文本。公钥文件应以 开头ssh-rsa,并且应包含一长行文本。
该command="/root/bin/rsync_only"指令是您可以添加到authorized_keys文件在 ssh 上服务器使服务器限制按键运行特定命令。它不是您可以添加到公钥文件中的内容,并且对 ssh 没有意义客户喜欢ssh。