公钥/私钥登录上周成功了,但当我尝试服务器是 Ubuntu 18.04.3 LTS 时失败了,我重新启用了密码登录,但仍然无法登录。我已经清除并安装了 openssh,但遇到了同样的问题。
mars@mars:~/.ssh$ ssh -V OpenSSH_7.6p1 Ubuntu-4ubuntu0.3,OpenSSL 1.0.2n 2017 年 12 月 7 日 mars@mars:~/.ssh$
尝试从本地主机使用 ssh 客户端进行调试
mars@mars:~/.ssh$ ssh -v -l mars 127.0.0.1
OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n 7 Dec 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 127.0.0.1 [127.0.0.1] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /home/mars/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mars/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mars/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mars/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mars/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mars/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mars/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mars/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
debug1: match: OpenSSH_7.6p1 Ubuntu-4ubuntu0.3 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 127.0.0.1:22 as 'mars'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:mElOIw/m1QuXB4i/p5qC9K7yOEFehsgrhbYx2OSWIrk
debug1: Host '127.0.0.1' is known and matches the ECDSA host key.
debug1: Found key in /home/mars/.ssh/known_hosts:1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue:
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available (default cache: FILE:/tmp/krb5cc_1000)
debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available (default cache: FILE:/tmp/krb5cc_1000)
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:0sAYfixVehl9Zm0iR35zOmaqLvmX5Lq+9lkQ3Bq0a04 /home/mars/.ssh/pi_mars
debug1: Authentications that can continue:
debug1: Trying private key: /home/mars/.ssh/id_rsa
debug1: Trying private key: /home/mars/.ssh/id_dsa
debug1: Trying private key: /home/mars/.ssh/id_ecdsa
debug1: Trying private key: /home/mars/.ssh/id_ed25519
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue:
debug1: Next authentication method: password
[email protected]'s password:
debug1: Authentications that can continue:
Permission denied, please try again.
[email protected]'s password:
服务器(即同一台机器)
$ tail -f /var/log/auth.log
Dec 4 17:26:17 mars sshd[9047]: debug1: Forked child 17318.
Dec 4 17:26:17 mars sshd[17318]: debug1: Set /proc/self/oom_score_adj to 0
Dec 4 17:26:17 mars sshd[17318]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8
Dec 4 17:26:17 mars sshd[17318]: rexec line 16: Deprecated option UsePrivilegeSeparation
Dec 4 17:26:17 mars sshd[17318]: rexec line 19: Deprecated option KeyRegenerationInterval
Dec 4 17:26:17 mars sshd[17318]: rexec line 20: Deprecated option ServerKeyBits
Dec 4 17:26:17 mars sshd[17318]: rexec line 31: Deprecated option RSAAuthentication
Dec 4 17:26:17 mars sshd[17318]: rexec line 38: Deprecated option RhostsRSAAuthentication
Dec 4 17:26:17 mars sshd[17318]: debug1: inetd sockets after dupping: 3, 3
Dec 4 17:26:17 mars sshd[17318]: Connection from 127.0.0.1 port 56568 on 127.0.0.1 port 22
Dec 4 17:26:17 mars sshd[17318]: debug1: Client protocol version 2.0; client software version OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
Dec 4 17:26:17 mars sshd[17318]: debug1: match: OpenSSH_7.6p1 Ubuntu-4ubuntu0.3 pat OpenSSH* compat 0x04000000
Dec 4 17:26:17 mars sshd[17318]: debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
Dec 4 17:26:17 mars sshd[17318]: debug1: permanently_set_uid: 120/65534 [preauth]
Dec 4 17:26:17 mars sshd[17318]: debug1: list_hostkey_types: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
Dec 4 17:26:17 mars sshd[17318]: debug1: SSH2_MSG_KEXINIT sent [preauth]
Dec 4 17:26:17 mars sshd[17318]: debug1: SSH2_MSG_KEXINIT received [preauth]
Dec 4 17:26:17 mars sshd[17318]: debug1: kex: algorithm: curve25519-sha256 [preauth]
Dec 4 17:26:17 mars sshd[17318]: debug1: kex: host key algorithm: ecdsa-sha2-nistp256 [preauth]
Dec 4 17:26:17 mars sshd[17318]: debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none [preauth]
Dec 4 17:26:17 mars sshd[17318]: debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none [preauth]
Dec 4 17:26:17 mars sshd[17318]: debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
Dec 4 17:26:17 mars sshd[17318]: debug1: rekey after 134217728 blocks [preauth]
Dec 4 17:26:17 mars sshd[17318]: debug1: SSH2_MSG_NEWKEYS sent [preauth]
Dec 4 17:26:17 mars sshd[17318]: debug1: expecting SSH2_MSG_NEWKEYS [preauth]
Dec 4 17:26:17 mars sshd[17318]: debug1: SSH2_MSG_NEWKEYS received [preauth]
Dec 4 17:26:17 mars sshd[17318]: debug1: rekey after 134217728 blocks [preauth]
Dec 4 17:26:17 mars sshd[17318]: debug1: KEX done [preauth]
Dec 4 17:26:17 mars sshd[17318]: debug1: userauth-request for user mars service ssh-connection method none [preauth]
Dec 4 17:26:17 mars sshd[17318]: debug1: attempt 0 failures 0 [preauth]
Dec 4 17:26:17 mars sshd[17318]: reprocess config line 31: Deprecated option RSAAuthentication
Dec 4 17:26:17 mars sshd[17318]: reprocess config line 38: Deprecated option RhostsRSAAuthentication
Dec 4 17:26:17 mars sshd[17318]: debug1: PAM: initializing for "mars"
Dec 4 17:26:17 mars sshd[17318]: debug1: PAM: setting PAM_RHOST to "127.0.0.1"
Dec 4 17:26:17 mars sshd[17318]: debug1: PAM: setting PAM_TTY to "ssh"
Dec 4 17:26:17 mars sshd[17318]: debug1: userauth-request for user mars service ssh-connection method publickey [preauth]
Dec 4 17:26:17 mars sshd[17318]: debug1: attempt 1 failures 0 [preauth]
Dec 4 17:26:17 mars sshd[17318]: debug1: userauth-request for user mars service ssh-connection method keyboard-interactive [preauth]
Dec 4 17:26:17 mars sshd[17318]: debug1: attempt 2 failures 1 [preauth]
mars@mars:~$ ls -la .ssh
total 36
drwx------ 2 mars mars 4096 Dec 5 07:58 .
drwxr-xr-x 107 mars mars 12288 Dec 4 20:50 ..
-rw------- 1 mars mars 2861 Dec 5 07:59 authorized_keys
-rw-r--r-- 1 mars mars 888 Dec 4 16:55 known_hosts
-rw------- 1 mars mars 1675 Dec 5 07:57 testKey
-rw-r--r-- 1 mars mars 391 Dec 5 07:57 testKey.pub
mars@mars:~$
并使用调试 @vvv (我无法发布整个输出)当它发送密钥时
debug1: Trying private key: /tmp/testKey
debug3: sign_and_send_pubkey: RSA SHA256:13V7zA0Mqwaaep8R3vW29d7MrNw24jO3qo5xKwmzGMI
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue:
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
值得一提的是,这台机器上的 SSH 客户端运行正常,无密码登录其他机器仍然有效。
下一步该怎么做才能让它再次工作?