我正在尝试使用客户端提供给我的用户名和密码通过 SFTP 连接到服务器,但我一直收到。我在 Ubuntu 13.10 上,我尝试在终端中Disconnected: No supported authentication methods available (server sent: publickey)使用 Filezilla gui 以及和sftp -vv user@host。lftp -u user sftp://host
这是我在 Debug:Verbose 模式下从 Filezilla 获得的输出:
Response: fzSftp started
Trace: CSftpControlSocket::ConnectParseResponse(fzSftp started)
Trace: CSftpControlSocket::SendNextCommand()
Trace: CSftpControlSocket::ConnectSend()
Command: open "user@host" 22
Trace: Server version: SSH-2.0-CoreFTP-0.3.1
Trace: Using SSH protocol version 2
Trace: We claim version: SSH-2.0-PuTTY_Local:_Sep_14_2013_01:12:43
Trace: Using Diffie-Hellman with standard group "group14"
Trace: Doing Diffie-Hellman key exchange with hash SHA-1
Trace: Host key fingerprint is:
Trace: ssh-rsa 1024 b1:ac:c5:b6:d2:b8:d3:ef:fc:d2:b3:d8:06:2c:d2:25
Trace: Initialised AES-256 SDCTR client->server encryption
Trace: Initialised HMAC-SHA1 client->server MAC algorithm
Trace: Initialised AES-256 SDCTR server->client encryption
Trace: Initialised HMAC-SHA1 server->client MAC algorithm
Trace: Pageant is running. Requesting keys.
Trace: Pageant has 1 SSH-2 keys
Trace: Trying Pageant key #0
Trace: Sending Pageant's response
Trace: Access denied
Trace: Disconnected: No supported authentication methods available (server sent: publickey)
Error: Disconnected: No supported authentication methods available (server sent: publickey)
Trace: CSftpControlSocket::ResetOperation(66)
Trace: CControlSocket::ResetOperation(66)
Error: Could not connect to server
sftp -vv输出类似。看来 Pageant 在密码之前提供了我的公钥(这是正常的),但随后没有继续进行密码验证。有没有办法先强制进行密码验证(即完全绕过 Pageant)?我必须能够通过此连接执行 bash 脚本操作,因此必须使用sftp或lftp命令。是否有可以设置标志来实现此目的?我查看了手册页,但没有找到我要找的内容。
客户端服务器上总是存在配置错误的可能性,但由于客户端能够从该帐户登录,所以我怀疑问题出在我这边的某个地方。
更新
客户端能够使用 Windows 上的 Filezilla 使用此帐户登录服务器,排除了其服务器配置为仅允许公钥身份验证的可能性。这是一家规模较大的公司,其 IT 部门拥有许多此类帐户,因此合理地可以肯定他们之前已经这样做过。以下是 Filezilla 中 Debug:Verbose 的输出:
Status: Connecting to host:22...
Trace: Going to execute "C:\Program Files\FileZilla FTP Client\fzsftp.exe"
Response: fzSftp started
Trace: CSftpControlSocket::ConnectParseResponse(fzSftp started)
Trace: CSftpControlSocket::SendNextCommand()
Trace: CSftpControlSocket::ConnectSend()
Command: open "user@host" 22
Trace: Looking up host "host"
Trace: Connecting to xxx.xxx.xxx.xxx port 22
Trace: Server version: SSH-2.0-CoreFTP-0.3.1
Trace: Using SSH protocol version 2
Trace: We claim version: SSH-2.0-PuTTY_Local:_Jun_15_2008_14:47:43
Trace: Using Diffie-Hellman with standard group "group14"
Trace: Doing Diffie-Hellman key exchange with hash SHA-1
Trace: Host key fingerprint is:
Trace: ssh-rsa 1024 b1:ac:c5:b6:d2:b8:d3:ef:fc:d2:b3:d8:06:2c:d2:25
Trace: Initialised AES-256 SDCTR client->server encryption
Trace: Initialised HMAC-SHA1 client->server MAC algorithm
Trace: Initialised AES-256 SDCTR server->client encryption
Trace: Initialised HMAC-SHA1 server->client MAC algorithm
Command: Pass: ********
Trace: Sent password
Trace: Access granted
Trace: Opened channel for session
Trace: Started a shell/command
Status: Connected to host
Trace: CSftpControlSocket::ConnectParseResponse()
Trace: CSftpControlSocket::ResetOperation(0)
Trace: CControlSocket::ResetOperation(0)
Status: Retrieving directory listing...
Trace: CSftpControlSocket::SendNextCommand()
Trace: CSftpControlSocket::ChangeDirSend()
Command: pwd
Response: Current directory is: "/"
答案1
服务器配置为仅允许公钥身份验证,而不允许密码身份验证。您可以看到以下内容:
Trace: Disconnected: No supported authentication methods available (server sent: publickey)
Error: Disconnected: No supported authentication methods available (server sent: publickey)
答案2
也许答案有点晚了,但对于像我一样最终来到这里的可怜人来说。
可能发生的情况是,Filezilla 使用 env 变量SSH_AUTH_SOCK来访问可用的 ssh 密钥。
在我的计算机上,如果我echo $SSH_AUTH_SOCK在终端中运行,我会得到类似这样的结果'/run/user/1000/keyring/ssh'
为了防止 Filezilla 找到 ssh 代理中的 ssh 密钥,您可以通过以下方式清空该环境变量export SSH_AUTH_SOCK=""。现在,如果您在此终端启动 Filezilla,它将无法从 ssh 代理访问 ssh 密钥,并且它将使用配置的连接密码。