我正在尝试连接一台 Linux(CentOS 6.5 x64)服务器和另一台运行 Cygwin 的 Windows Server 2008 R2 服务器,并每天通过 SSHD 从 Linux 向 Windows 传输文件,我将使用公钥进行身份验证。Windows 服务器已被识别并且是 Linux SSH 中的已知主机,但是当我尝试通过scp
命令将 Linux 公钥复制到 Windows 服务器时,它返回:
Connection closed by <host IP> lost connection`
在sshd_config
文件中,有一行允许以 root 身份连接(注释为默认),我取消注释并保持不变。我尝试关闭 Windows 防火墙,但没有成功。是我的 Cygwin/SSHD 设置有问题,还是 Linux SSHD 有问题?
ssh -v
输出:
ssh -v <Windows server user>@<Host IP>
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 192.168.1.23 [192.168.1.23] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/identity-cert type -1
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1
debug1: match: OpenSSH_6.6.1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '192.168.1.23' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug1: Offering public key: /root/.ssh/id_rsa
Connection closed by <Host IP>
答案1
如果您尝试将密钥复制到 Windows 框中,那么我假设您刚刚开始设置。确保您被允许使用密码连接,如果您以 root 身份连接,也请允许这样做。确保公钥身份验证也已启用。
RSAAuthentication yes
PubkeyAuthentication yes
PasswordAuthentication yes
PermitRootLogin yes
尽管这些很重要,但确保相反的设置不存在(即RSAAuthentication no
在某处)也同样重要。在尝试 scp 之前,请先使用您要复制的用户和密码通过 ssh 进入。示例假设用户名是 joe,服务器是 devsrv:
ssh joe@devsrv
一旦你看到这个工作然后尝试你的复制:
scp mykey.pub joe@devsrv:/tmp/foo
复制密钥后,禁用密码验证PasswordAuthentication no