所以我一直在尝试各种方法通过 SSH 进入我的 Server '08 盒子。我尝试过 FreeSSHD 和 Cygwin。当我使用简单的 SHA 通行证身份验证时,一切正常,但当我尝试使用密钥时,会发生以下情况:
- id_rsa 密钥被识别
- 密码被接受
- 但随后对用户密码的请求返回“权限被拒绝”错误
终端输出如下:
ssh -v -p 22 -i /home/m1ckrz/.ssh/id_rsa [email protected]
OpenSSH_6.2p2 Ubuntu-6ubuntu0.4, OpenSSL 1.0.1e 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 10.11.1.22 [10.11.1.22] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /home/m1ckrz/.ssh/id_rsa type -1
debug1: identity file /home/m1ckrz/.ssh/id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2p2 Ubuntu-6ubuntu0.4
debug1: Remote protocol version 2.0, remote software version WeOnlyDo 2.1.3
debug1: no match: WeOnlyDo 2.1.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug1: Server host key: RSA f6:cf:a9:fe:42:6e:21:73:84:1e:08:25:b7:b2:5b:38
debug1: Host '10.11.1.22' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: password,publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/m1ckrz/.ssh/id_rsa
debug1: key_parse_private_pem: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Enter passphrase for key '/home/m1ckrz/.ssh/id_rsa':
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: password,publickey
debug1: Next authentication method: password
[email protected]'s password:
debug1: Authentications that can continue: password,publickey
Permission denied, please try again.
[email protected]'s password:
debug1: Authentications that can continue: password,publickey
Permission denied, please try again.
[email protected]'s password:
Received disconnect from 10.11.1.22: 2: Too many attempts.
答案1
您已经在使用 的“详细”-v选项ssh。
它还有一个“非常详细”的选项-vv。
哦,还有“非常非常冗长”,-vvv这实际上可能太冗长了!
所以,我希望你在跑步时能明白问题出在哪里
ssh -vv -p 22 -i /home/m1ckrz/.ssh/id_rsa [email protected] 2>&1 | less
如果没有,请尝试使用-vvv,它会提供大约 300 行输出。
答案2
检查您的私钥文件的权限:
debug1: Trying private key: /home/m1ckrz/.ssh/id_rsa
如果它不是 600 (rw--------) 则 SSH 通常会放弃使用它,因为它可能已被泄露。
例如
$ ls -l ~/.ssh/ | grep "[ ]id_rsa"
-rw-------. 1 saml saml 1766 Aug 5 21:43 id_rsa
-rw-r--r--. 1 saml saml 406 Aug 5 21:43 id_rsa.pub
ssh通过额外的开关来增加冗长的程度-v将会更清楚地说明这个问题。
$ ssh -vvv ....