我正在尝试设置 SSH 以使用私钥而不是密码连接到我的主机,但是 Windows SSH 客户端无法连接到我的主机:
PS C:\Users\user> ssh some_user@some_host.com
some_user@some_host.com: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
我的 ssh 配置文件位于,C:\Users\user\.ssh\config具有这样的配置:
Host some_host.com
HostName some_host.com
IdentityFile C:\Users\user\.ssh\my_private_key_ed25519
PreferredAuthentications publickey
PubKeyAuthentication yes
IdentitiesOnly yes
在主机端,公钥已添加到文件中authorized_keys。可能出了什么问题?
upd:这是带有该选项的输出-v:
PS C:\Users\user> ssh -v some_user@some_host.com
OpenSSH_for_Windows_8.6p1, LibreSSL 3.4.3
debug1: Reading configuration data C:\\Users\\user/.ssh/config
debug1: C:\\Users\\user/.ssh/config line 14: Applying options for some_host.com
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
debug1: Connecting to some_host.com [80.66.64.207] port 22.
debug1: Connection established.
debug1: identity file C:\\Users\\user\\.ssh\\my_private_key_ed25519 type 3
debug1: identity file C:\\Users\\user\\.ssh\\my_private_key_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.6
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
debug1: compat_banner: match: OpenSSH_7.4 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002
debug1: Authenticating to some_host.com:22 as 'some_user'
debug1: load_hostkeys: fopen C:\\Users\\user/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen __PROGRAMDATA__\\ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen __PROGRAMDATA__\\ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-ed25519 SHA256:adJ3k37I71nepzjc16nAIKz1Z7pen+P1oON1VQu/ZhU
debug1: load_hostkeys: fopen C:\\Users\\user/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen __PROGRAMDATA__\\ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen __PROGRAMDATA__\\ssh/ssh_known_hosts2: No such file or directory
debug1: Host 'some_host.com' is known and matches the ED25519 host key.
debug1: Found key in C:\\Users\\user/.ssh/known_hosts:1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: pubkey_prepare: ssh_get_authentication_socket: No such file or directory
debug1: Will attempt key: C:\\Users\\user\\.ssh\\my_private_key_ed25519 ED25519 SHA256:BD7aQc7aF+rVUKOhYfd/f8ra0RKTTswtnttv1wZfz8Q explicit
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Offering public key: C:\\Users\\user\\.ssh\\my_private_key_ed25519 ED25519 SHA256:BD7aQc7aF+rVUKOhYfd/f8ra0RKTTswtnttv1wZfz8Q explicit
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: No more authentication methods to try.
some_user@some_host.com: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
答案1
看来公钥被错误地导入到了服务器中。通过删除目录并在客户端计算机上~/.ssh使用以下命令加载公钥来解决:ssh-copy-id
$ ssh-copy-id -i ~/.ssh/my_private_key_ed25519 some_user@some_host.com
但是 Windows Power Shell 没有该ssh-copy-id命令,所以我改用 Git Bash。