事件的顺序如下:
- 几个月前,我将我的 RSA 密钥添加到 .ssh/[我的管理员用户],更新了权限,并禁用了密码 SSH 身份验证。
- 我格式化了我的桌面,但忘记重新启用密码 SSH 身份验证。
- 然后,我新配置的桌面无法通过 SSH 进入 NAS。
我尝试通过 DSM Web GUI 更新我新生成的 RSA 密钥 - File Station>Homes>[我的管理员用户]/.ssh/authorized_keys
但是我仍然无法 ssh,这里是详细模式下 ssh 输出的尾部:
debug1: Found key in /home/hc/.ssh/known_hosts:6
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug2: key: /home/hc/.ssh/id_rsa (0x55c5c982c140), agent
debug2: key: /home/hc/.ssh/id_dsa ((nil))
debug2: key: /home/hc/.ssh/id_ecdsa ((nil))
debug2: key: /home/hc/.ssh/id_ed25519 ((nil))
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/hc/.ssh/id_rsa
debug3: send_pubkey_test
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug1: Trying private key: /home/hc/.ssh/id_dsa
debug3: no such identity: /home/hc/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /home/hc/.ssh/id_ecdsa
debug3: no such identity: /home/hc/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /home/hc/.ssh/id_ed25519
debug3: no such identity: /home/hc/.ssh/id_ed25519: No such file or directory
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey).
我不知道是否:
- 有一种方法可以
/etc/ssh/sshd_config
通过 DSM Web GUI 访问 NAS;或者 - 有办法解决我的
/home/[my admin user]/.ssh/authorized_keys
;或者 - 有一种方法可以让我重新获得 SSH 访问权限...我确实可以物理访问我的 NAS。
Synology 支持建议我对 NAS 进行硬重置。如果有更好的选择,我宁愿不这样做,因为我配置了太多东西。
信息:
- DSM 6.2.2-24922
- DS1019+
答案1
回答您的问题 1.) 我已成功通过 Telnet 登录到我的 SynoNAS。您必须先启用它:Control Panel -> Terminal & SNMP -> Enable Telnet service
。
之后您应该能够直接telnet [nas_ip]
进入您的 NAS。它甚至应该会为您提供 bash。
到目前为止,我无法修复 ssh。它不知怎么就让我停止连接,而/var/log/messages
或中没有任何错误消息/var/log/auth.log
。
更新:
我能够通过将用户文件夹的权限更改/volume1/homes/[user]
为 来修复 ssh 0755
。它甚至可能在更严格的权限下工作。使用的命令是
chmod 0700 [user_folder]
我通过以下帖子了解到了这一点:
https://superuser.com/questions/1632729/ssh-public-key-login-fails