SSH 成功连接到我的系统,但即使没有标志,-v我也会收到key_load_public: invalid format消息。下面是使用详细标志的输出。
具体来说
debug1: key_load_public: No such file or directory debug1: identity file /home/myname/.ssh/private_rsa_key-cert type -1
似乎是问题所在,因为我没有这样的文件。然而,我检查了另一个系统,我也得到了上面两行相同的信息。然而在此之前没有key_load_public: invalid format,这才是我真正想摆脱的。两个远程系统上的authorized_keys 文件的权限看起来相同,private_keys 的权限看起来也相同。
$ ssh -v desired_host
OpenSSH_7.2p2, OpenSSL 1.0.2g 1 Mar 2016
debug1: Reading configuration data /home/myname/.ssh/config
debug1: /home/dli/.ssh/config line 16: Applying options for desired_host
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to desired_host [X.X.X.X] port 22.
debug1: Connection established.
key_load_public: invalid format
debug1: identity file /home/myname/.ssh/private_rsa_key type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/myname/.ssh/private_rsa_key-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
debug1: Authenticating to desired_host:22 as 'myname'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: [email protected] compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: [email protected] compression: none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(2048<3072<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ssh-rsa SHA256:EmG/FBK0OCXtaAqAkfHKxoXKLGiZiHUsQpObK6aWd30
debug1: Host 'desired_host' is known and matches the RSA host key.
debug1: Found key in /home/myname/.ssh/known_hosts:39
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/myname/.ssh/private_rsa_key
debug1: Authentication succeeded (publickey).
Authenticated to desired_host ([X.X.X.X]:22).
debug1: channel 0: new [client-session]
debug1: Requesting [email protected]
debug1: Entering interactive session.
debug1: pledge: network
答案1
对我来说同样的问题,不同的来源和解决方案:
我在客户端的 .ssh 文件夹中有 id_rsa.foo (正确的私钥)和 id_rsa.foo.pub (匹配的 pubkey)。删除或重命名公钥会使消息消失。
答案2
有两个单独的消息:
这告诉你.ssh/private_rsa_key格式错误:
key_load_public: invalid format
debug1: identity file /home/myname/.ssh/private_rsa_key type -1
这个不会出现在没有-v开关的情况下,只是提供信息告诉您您没有证书:
debug1: key_load_public: No such file or directory
debug1: identity file /home/myname/.ssh/private_rsa_key-cert type -1
第二条消息无需担心。
答案3
当我发出
ssh myid@mydomain
并收到消息(即使我成功登录到远程盒子)
key_load_public: invalid format
发生这种情况是因为我的本地 ~/.ssh/xxx.pub 实际上包含我的私钥文件的内容,即使远程主机在文件 ~myid/.ssh/authorized_keys 中正确地包含了我的公钥,所以解决方案是纠正我的本地 ~/ .ssh/xxx.pub 所以它有我的公钥
答案4
我最终成功了,确保准确地复制并粘贴私有 RSA 密钥的内容,例如
-----BEGIN RSA PRIVATE KEY-----
<content>.....
-----END RSA PRIVATE KEY-----
包括所有 EOL 选项卡或那里的任何内容。