使用“ssh-add”添加密钥有效,但使用“-i”传递密钥无效

tag-icon tag-icon networking ssh openssh sshd ssh-agent
使用“ssh-add”添加密钥有效,但使用“-i”传递密钥无效

我有如下案例:

ssh -J${some-jump-host} -i some-key.pem opc@${some-ip}

它不要求输入密钥密码,some-key.pem而直接失败,因为未经身份验证。

但是,如果我这样做:

ssh-add -K some-key.pem
ssh -J${some-jump-host} opc@${some-ip}

这会在添加密钥时询问密码,然后它就可以工作了。

我有

$ cat ~/.ssh/config
Include ~/ssh_config

Host *
    UseKeychain yes
    StrictHostKeyChecking no
    User my-username

IdentityFile path-to-an-irrelevant-key
IdentityFile path-to-some-other-irrelevant-key
ServerAliveInterval 60
ServerAliveCountMax 10
StrictHostKeyChecking no
UserKnownHostsFile=/dev/null
ForwardAgent yes
ForwardX11 yes

我们~/ssh_config只定义了一些主机和代理跳转,以及这些:

Host *
    User my-username
    PKCS11Provider /Library/OpenSC/lib/opensc-pkcs11.so
    ForwardAgent yes 
    StrictHostKeyChecking no
    UserKnownHostsFile=/dev/null

所以我的问题是,为什么 ssh 在传递密钥时似乎忽略了它-i

笔记:-vvv这是与以下情况 相关的输出:-i

debug1: Will attempt key: some-key.pem  explicit
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 53
debug3: input_userauth_banner
Authorized uses only. All activity may be monitored and reported.
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey

相关内容