我正在尝试将公钥复制到远程服务器。我以 [localname] 身份在本地登录,密钥位于本地~/.ssh/。我还以 [remotename] 的身份 ssh 进入 [remote.com],并尝试这样上传密钥:
scp [localname]@localhost:~/.ssh/id_rsa.pub [remotename]@[remote.com]:/home/[remotename]/.ssh/uploaded_key.pub
我看到 [remote.com] 的欢迎消息,但随后系统询问我:
[localuser]@localhost's password:
但是 [localuser] 的密码([localuser] 用于登录本地计算机的密码)不被接受:
Permission denied, please try again.
这是详细输出:
Executing: /usr/bin/ssh '-v' '-x' '-oClearAllForwardings yes' '-n' '-l' '[localname]' 'localhost' 'scp -v' '~/.ssh/id_rsa.pub' '[remotename]@[remote.com]:/home/[remotename]/.ssh/uploaded_key.pub'
OpenSSH_5.3p1 Debian-3ubuntu7, OpenSSL 0.9.8k 25 Mar 2009
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/[remotename]/.ssh/identity type -1
debug1: identity file /home/[remotename]/.ssh/id_rsa type -1
debug1: identity file /home/[remotename]/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3p1 Debian-3ubuntu7
debug1: match: OpenSSH_5.3p1 Debian-3ubuntu7 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu7
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'localhost' is known and matches the RSA host key.
debug1: Found key in /home/[remotename]/.ssh/known_hosts:5
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
*****************************************
** This is [remote.com] server **
** Unauthorized access is PROHIBITED **
*****************************************
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/[remotename]/.ssh/identity
debug1: Trying private key: /home/[remotename]/.ssh/id_rsa
debug1: Trying private key: /home/[remotename]/.ssh/id_dsa
debug1: Next authentication method: password
[localname]@localhost's password:
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
[localname]@localhost's password:
任何人都可以验证这是否是 scp 的正确用法,或提供故障排除提示吗?
本地主机:Mac OS X 10.6.8 上的终端 2.1.2 |远程:Ubuntu 10.04
答案1
这似乎过于复杂。尝试使用以下内容localhost:
scp ~/.ssh/id_rsa.pub [remotename]@[remote.com]:.ssh/uploaded_key.pub
答案2
有趣的问题,我刚刚尝试了同样的事情并遇到了同样的错误。我用-vvvswitch 来弄清楚幕后发生了什么,基本上它通过 ssh 连接到你的本地主机并执行scp -v ~/.ssh/id_rsa.pub remoteuser@remoteserver:~/
这应该可以正常工作,但是,该命令尝试从 stdin 读取密码,但如果没有控制 tty,则没有密码,因此会出现权限被拒绝的消息。
这是调试的简化版本,它解释了我的观点:
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
dpac@localhost's password:
debug3: packet_send2: adding 64 (len 60 padlen 4 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentication succeeded (password).
.
.
.
debug1: Sending command: scp -v ~/.ssh/id_rsa.pub REMOTEUSER@REMOTESERVER:~/
debug2: channel 1: request exec confirm 1
debug2: callback done
debug2: channel 1: open confirm rwindow 0 rmax 32768
debug2: channel 1: rcvd adjust 2097152
debug2: channel_input_status_confirm: type 99 id 1
debug2: exec request accepted on channel 1
debug2: channel 1: read<=0 rfd 5 len 0
debug2: channel 1: read failed
debug2: channel 1: close_read
debug2: channel 1: input open -> drain
debug2: channel 1: ibuf empty
debug2: channel 1: send eof
debug2: channel 1: input drain -> closed
debug2: channel 1: rcvd ext data 92
Executing: program /usr/bin/ssh host REMOTESERVER, user REMOTEUSER, command scp -v -t -- ~/
debug2: channel 1: written 92 to efd 7
debug2: channel 1: rcvd ext data 57
.
.
.
.
.
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/dpac/.ssh/id_rsa
debug1: Trying private key: /home/dpac/.ssh/id_dsa
debug2: channel 1: written 214 to efd 7
debug2: channel 1: rcvd ext data 100
debug2: channel 1: rcvd ext data 73
debug1: Trying private key: /home/dpac/.ssh/id_ecdsa
debug1: Next authentication method: password
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug2: channel 1: written 173 to efd 7
debug2: channel 1: rcvd ext data 174
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug2: channel 1: written 174 to efd 7
debug2: channel 1: rcvd ext data 101
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
debug2: channel 1: written 101 to efd 7
debug2: channel 1: rcvd ext data 73
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug2: channel 1: written 73 to efd 7
debug2: channel 1: rcvd ext data 152
debug1: Authentications that can continue: publickey,password
debug1: No more authentication methods to try.
Permission denied (publickey,password).
答案3
到目前为止,我还没有发现任何scp版本支持对源和目标使用“远程”规范。