我正在尝试使用 ssh 的公钥/私钥从一个 ubuntu 框登录到另一个 ubuntu 框,但是不起作用。
OMD[live]:~/.ssh$ ssh -l myuser -v -i /test/sites/live/.ssh/id.rsa.myuser xxx.xxx.xxx.xxx
OpenSSH_5.8p1 Debian-1ubuntu3, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to xxx.xxx.xxx.xxx [xxx.xxx.xxx.xxx] port 22.
debug1: Connection established.
debug1: identity file /omd/sites/live/.ssh/id.rsa.myuser type -1
debug1: identity file /omd/sites/live/.ssh/id.rsa.myuser-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1
debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.8p1 Debian-1ubuntu3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA 26:da:c8:3f:b6:e1:4c:0f:31:58:e0:06:4f:ac:a8:86
debug1: Host 'xxx.xxx.xxx.xxx' is known and matches the ECDSA host key.
debug1: Found key in /omd/sites/live/.ssh/known_hosts:22
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /omd/sites/live/.ssh/id.rsa.myuser
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: password
[email protected]'s password:
我不知道为什么?它似乎尝试使用私钥,但之后没有错误消息,只有密码提示。
除了这个盒子之外,这种方法还适用于其他盒子。
有任何想法吗?
答案1
您必须在 ~/.ssh/authorized_keys 中拥有公钥(/omd/sites/live/.ssh/id.rsa.myuser.pub
)才能进行公钥/私钥工作,否则目标系统将拒绝该密钥,客户端只会转到下一个有效方法(此情况是密码,因为您没有任何其他密钥)