我正在尝试从 Mac SSH 到 Windows 主机。在 Windows 主机上,我已确认 ssh 客户端和服务器正在运行:
Running ssh-agent OpenSSH Authentication Agent
Running sshd OpenSSH SSH Server
我已经在 mac 主机上创建了一个密钥对,并将公钥添加到了 windows 主机user_name\.ssh\authorized_keys。
我已编辑C:\ProgramData\ssh\sshd_config并设置PubkeyAuthentication为yes。
我已禁用继承,并将用户设置为 Windows 主机上 authorized_keys 文件的唯一所有者。
每次我连接时,系统仍会提示我输入密码。以下是详细的 ssh 日志:
OpenSSH_8.1p1, LibreSSL 2.7.3
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 47: Applying options for *
debug1: Connecting to 35.236.81.186 [35.236.81.186] port 22.
debug1: Connection established.
debug1: identity file .ssh/test-key type 0
debug1: identity file .ssh/test-key-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_for_Windows_7.7
debug1: match: OpenSSH_for_Windows_7.7 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 35.236.81.186:22 as 'user_name'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:veyhbrqy4sjdCuKVzN0QeULqYuim9uPKuHv+tZmik9o
debug1: Host '35.236.81.186' is known and matches the ECDSA host key.
debug1: Found key in /Users/user_name/.ssh/known_hosts:16
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: .ssh/test-key RSA SHA256:v8x4oVslm8vO8mXo1d368xaw6yi99k94y/NGGq0UnBM explicit
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering public key: .ssh/test-key RSA SHA256:v8x4oVslm8vO8mXo1d368xaw6yi99k94y/NGGq0UnBM explicit
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: password
[email protected]'s password:
如果有人任何关于我还能尝试什么来让公钥认证工作,我完全没有主意了,愿意听取任何建议。我感谢所有帮助,谢谢。
答案1
终于!感谢大家向我指出了更多资源,这些资源似乎终于解决了我的问题!
似乎通过注释掉这一行
Match Group administrators
AuthorizedKeysFile __PROGRAMDATA__/ssh/administrators_authorized_keys
在 sshd_config 文件中,我能够使用公钥进行身份验证。我不确定为什么会出现这种情况,因为我确实将公钥添加到该文件以及我的主文件夹中,但无论如何,删除该行似乎确实有效。
再次感谢大家的帮助,我非常感激。