Why is my private key only accepted by SSH after I have logged in to the target machine?

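I've run into an interesting situation and I don't even know where to start investigating. I have an Ubuntu 12.04 server with SSH locked down to PK-auth. When I reboot the server and try to SSH in, my PK is not accepted. However, once I log in to the server and try SSH again, the PK is accepted. What is going on?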

SSH log from the client machine before logging in to the server:

~ 21:45:00

[earth@p2mac:~]$ssh [email protected]
OpenSSH_6.9p1, LibreSSL 2.1.7
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to myhost.me [xxx.xxx.xxx.177] port 22.
debug1: Connection established.
debug1: identity file /Users/earth/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/earth/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/earth/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/earth/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/earth/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/earth/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/earth/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/earth/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.9
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.4
debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.4 pat OpenSSH_6.6.1* compat 0x04000000
debug1: Authenticating to myhost.me:22 as 'myuser'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client [email protected] <implicit> none
debug1: kex: client->server [email protected] <implicit> none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:YZCmzxxxxxxxxxxxxxxxxxxxg3w/39A
debug1: Host 'myhost.me' is known and matches the ECDSA host key.
debug1: Found key in /Users/earth/.ssh/known_hosts:26
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/earth/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: /Users/earth/.ssh/id_dsa
debug1: Trying private key: /Users/earth/.ssh/id_ecdsa
debug1: Trying private key: /Users/earth/.ssh/id_ed25519
debug1: No more authentication methods to try.
Permission denied (publickey).
[earth@p2mac:~]$

After logging in to the server:

~21:47:00

[earth@p2mac:~]$ssh [email protected] -v
OpenSSH_6.9p1, LibreSSL 2.1.7
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to myhost.me [xx.xx.xxx.177] port 22.
debug1: Connection established.
debug1: identity file /Users/earth/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/earth/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/earth/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/earth/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/earth/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/earth/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/earth/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/earth/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.9
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.4
debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.4 pat OpenSSH_6.6.1* compat 0x04000000
debug1: Authenticating to myhost.me:22 as 'myuser'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client [email protected] <implicit> none
debug1: kex: client->server [email protected] <implicit> none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:YZCxxxxxxxxxxxxoxxxhFNkCg3w/39A
debug1: Host 'myhost.me' is known and matches the ECDSA host key.
debug1: Found key in /Users/earth/.ssh/known_hosts:26
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/earth/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: Authentication succeeded (publickey).
Authenticated to myhost.me ([xxx.xxx.xxx.177]:22).
debug1: channel 0: new [client-session]
debug1: Requesting [email protected]
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LC_ALL = POSIX
Welcome to Ubuntu 14.04.3 LTS (GNU/Linux 3.19.0-43-generic x86_64)

Full authentication log after boot:

Jan 18 21:45:14 myhost sshd[1614]: Server listening on 0.0.0.0 port 22.
Jan 18 21:45:14 myhost sshd[1614]: Server listening on :: port 22.
Jan 18 21:45:15 myhost CRON[1632]: pam_unix(cron:session): session closed for user myuser
Jan 18 21:45:15 myhost CRON[1633]: pam_unix(cron:session): session closed for user myuser
Jan 18 21:45:15 myhost CRON[1634]: pam_unix(cron:session): session closed for user myuser
Jan 18 21:45:29 myhost sshd[2417]: Connection closed by xx.xxx.xxx.177  [preauth]
Jan 18 21:46:55 myhost login[2431]: pam_ecryptfs: Passphrase file wrapped
Jan 18 21:46:57 myhost login[2259]: pam_unix(login:session): session opened for user myuser by LOGIN(uid=0)
Jan 18 21:46:57 myhost systemd-logind[740]: New session c2 of user myuser.
Jan 18 21:47:03 myhost sshd[2514]: Accepted publickey for myuser from xx.xxx.xxx.177  port 62627 ssh2: RSA a3::d7
Jan 18 21:47:03 myhost sshd[2514]: pam_unix(sshd:session): session opened for user myuser by (uid=0)
Jan 18 21:47:03 myhost systemd-logind[740]: New session 1 of user myuser.

*Sorry, I had to delete my previous question on Stack because I accidentally posted some IPs in the logs, and then I figured it would be better to repost it here.
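Added example, not part of the original post: a Python script that lines up the server auth log events above and reports publickey logins that were preceded by a pre-auth close from the same address with a console login by the same user in between, noting whether a `pam_ecryptfs` line appeared in that window. The sample input is constructed from the log lines in the post; the function names and the placeholder year are assumptions.

```python
import re
from datetime import datetime

# Constructed sample: auth log lines copied from the post (addresses redacted there).
AUTH_LOG = """\
Jan 18 21:45:29 myhost sshd[2417]: Connection closed by xx.xxx.xxx.177  [preauth]
Jan 18 21:46:55 myhost login[2431]: pam_ecryptfs: Passphrase file wrapped
Jan 18 21:46:57 myhost login[2259]: pam_unix(login:session): session opened for user myuser by LOGIN(uid=0)
Jan 18 21:47:03 myhost sshd[2514]: Accepted publickey for myuser from xx.xxx.xxx.177  port 62627 ssh2: RSA a3::d7
"""

LINE = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) \S+ ([\w.-]+)\[\d+\]: (.*)$")
PATTERNS = [  # (event name, program, regex over the message part)
    ("preauth_close", "sshd", re.compile(r"Connection closed by (?P<ip>\S+)\s+\[preauth\]")),
    ("ecryptfs", "login", re.compile(r"pam_ecryptfs: ")),
    ("console_login", "login", re.compile(r"session opened for user (?P<user>\S+)")),
    ("accepted", "sshd", re.compile(r"Accepted publickey for (?P<user>\S+) from (?P<ip>\S+)")),
]

def parse(log, year=2000):  # syslog timestamps carry no year; 2000 is a placeholder
    events = []
    for raw in log.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        when = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        for name, prog, rx in PATTERNS:
            hit = rx.search(m.group(3))
            if prog == m.group(2) and hit:
                events.append({"time": when, "event": name, **hit.groupdict()})
    return events

def accepted_only_after_console_login(events):
    """Publickey logins that follow a pre-auth close from the same address
    with a console login by the same user in between."""
    findings = []
    for i, ev in enumerate(events):
        if ev["event"] != "accepted":
            continue
        closes = [e for e in events[:i] if e["event"] == "preauth_close" and e["ip"] == ev["ip"]]
        if not closes:
            continue
        between = [e for e in events[:i] if e["time"] >= closes[-1]["time"]]
        if any(e["event"] == "console_login" and e["user"] == ev["user"] for e in between):
            findings.append({"user": ev["user"], "ip": ev["ip"],
                "gap_s": int((ev["time"] - closes[-1]["time"]).total_seconds()),
                "ecryptfs_seen": any(e["event"] == "ecryptfs" for e in between)})
    return findings
```

The script only establishes the ordering of events in the log; it does not read any SSH or PAM configuration.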
