OpenSSH HostBasedAuthentication 失败:get_socket_address:getnameinfo 8 失败:ssh_keysign 运行时名称或服务未知

OpenSSH HostBasedAuthentication 失败:get_socket_address:getnameinfo 8 失败:ssh_keysign 运行时名称或服务未知

我有两台 Ubuntu 主机(20.04 和 16.04)。每台主机在 eth0 上都有一个公网 IP 地址,在 eth1 上有一个私有快速网络。我希望 ssh HostBasedAuthentication 在私有网络端运行。

我可以通过公钥或密码连接(如果启用),但是当尝试使用 HostBased 身份验证时,出现以下情况:

get_socket_address: getnameinfo 8 failed: Name or service not known
get_socket_address: getnameinfo 8 failed: Name or service not known
get_socket_address: getnameinfo 8 failed: Name or service not known
get_socket_address: getnameinfo 8 failed: Name or service not known
get_socket_address: getnameinfo 8 failed: Name or service not known
get_socket_address: getnameinfo 8 failed: Name or service not known
[email protected]: Permission denied (publickey,hostbased).

前台sshd -ddd进程的结果:

请注意,我已根据相关机器的 ssh-keyscan 结果检查了这些故障密钥的指纹,并且它们匹配。

debug1: sshd version OpenSSH_7.2, OpenSSL 1.0.2g  1 Mar 2016
Connection from 10.2.4.103 port 51892 on 10.2.2.241 port 845
debug1: Client protocol version 2.0; client software version OpenSSH_8.2p1 Ubuntu-4ubuntu0.1
debug1: match: OpenSSH_8.2p1 Ubuntu-4ubuntu0.1 pat OpenSSH* compat 0x04000000
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8
debug3: preauth child monitor started
debug3: privsep user:group 103:65534 [preauth]
debug1: permanently_set_uid: 103/65534 [preauth]
debug1: list_hostkey_types: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
debug2: KEX algorithms: [email protected],diffie-hellman-group-exchange-sha256,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521 [preauth]
debug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
debug2: ciphers ctos: [email protected],[email protected],[email protected],aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes128-cbc [preauth]
debug2: ciphers stoc: [email protected],[email protected],[email protected],aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes128-cbc [preauth]
debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,[email protected],hmac-sha1 [preauth]
debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,[email protected],hmac-sha1 [preauth]
debug2: compression ctos: none,[email protected] [preauth]
debug2: compression stoc: none,[email protected] [preauth]
debug2: host key algorithms: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa,[email protected],[email protected],[email protected],[email protected] [preauth]
debug1: kex: host key algorithm: ecdsa-sha2-nistp256 [preauth]
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none [preauth]
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none [preauth]
debug3: mm_key_sign entering [preauth]
debug3: mm_key_sign: waiting for MONITOR_ANS_SIGN [preauth]
debug3: mm_answer_sign
debug3: mm_answer_sign: hostkey proof signature 0x5648f7ff7010(100)
debug2: monitor_read: 6 used once, disabling now
debug2: set_newkeys: mode 1 [preauth]
debug1: rekey after 134217728 blocks [preauth]
debug1: SSH2_MSG_NEWKEYS received [preauth]
debug2: set_newkeys: mode 0 [preauth]
debug1: rekey after 134217728 blocks [preauth]
debug1: KEX done [preauth]
debug1: userauth-request for user normaluser service ssh-connection method none [preauth]
debug1: attempt 0 failures 0 [preauth]
debug3: mm_getpwnamallow entering [preauth]
debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM [preauth]
debug3: mm_request_receive entering [preauth]
debug3: mm_request_receive entering
debug3: mm_answer_pwnamallow
debug3: Trying to reverse map address 10.2.4.103.
debug3: checking match for 'User USR1,USR2' user normaluser host client addr 10.2.4.103 laddr 10.2.2.241 lport 845
debug3: match not found
debug3: checking match for 'Address 10.2.4.103' user normaluser host client addr 10.2.4.103 laddr 10.2.2.241 lport 845
debug1: connection from 10.2.4.103 matched 'Address 10.2.4.103' at line 133
debug3: match found
debug3: reprocess config:134 setting MaxAuthTries 10
debug3: reprocess config:135 setting HostbasedAuthentication yes
debug3: reprocess config:136 setting HostbasedUsesNameFromPacketOnly no
debug3: reprocess config:137 setting PasswordAuthentication no
debug3: checking match for 'Host client' user normaluser host client addr 10.2.4.103 laddr 10.2.2.241 lport 845
debug1: connection from client matched 'Host client' at line 140
debug3: match found
debug3: reprocess config:141 setting MaxAuthTries 10
debug3: reprocess config:142 setting HostbasedAuthentication yes
debug3: reprocess config:143 setting HostbasedUsesNameFromPacketOnly no
debug3: reprocess config:144 setting PasswordAuthentication no
debug3: checking match for 'Host client.mydomain.com' user normaluser host client addr 10.2.4.103 laddr 10.2.2.241 lport 845
debug3: match not found
debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1
debug3: mm_request_send entering: type 9
debug2: monitor_read: 8 used once, disabling now
debug2: input_userauth_request: setting up authctxt for normaluser [preauth]
debug3: mm_start_pam entering [preauth]
debug3: mm_request_send entering: type 100 [preauth]
debug3: mm_inform_authserv entering [preauth]
debug3: mm_request_send entering: type 4 [preauth]
debug2: input_userauth_request: try method none [preauth]
debug3: mm_request_receive entering
debug1: PAM: initializing for "normaluser"
debug1: PAM: setting PAM_RHOST to "client"
debug1: PAM: setting PAM_TTY to "ssh"
debug2: monitor_read: 100 used once, disabling now
debug3: userauth_finish: failure partial=0 next methods="publickey,hostbased" [preauth]
debug3: mm_request_receive entering
debug3: mm_answer_authserv: service=ssh-connection, style=, role=
debug2: monitor_read: 4 used once, disabling now
debug1: userauth-request for user normaluser service ssh-connection method hostbased [preauth]
debug1: attempt 1 failures 0 [preauth]
debug2: input_userauth_request: try method hostbased [preauth]
debug1: userauth_hostbased: cuser normaluser chost client. pkalg ecdsa-sha2-nistp256 slen 101 [preauth]
debug3: mm_key_allowed entering [preauth]
debug3: mm_request_send entering: typeNITOR_ANS_KEYALLOWED [preauth]
debug3: mm_answer_keyallowed: key_from_blob: 0x5648f8007890
debug2: hostbased_key_allowed: chost client. resolvedname client ipaddr 10.2.4.103
debug2: stripping trailing dot from chost client.
debug2: auth_rhosts2: clientuser normaluser hostname client ipaddr 10.2.4.103
debug1: temporarily_use_uid: 1001/1002 (e=0/0)
debug1: restore_uid: 0/0
debug2: hostbased_key_allowed: access allowed by auth_rhosts2
debug3: hostkeys_foreach: reading file "/etc/ssh/ssh_known_hosts"
debug1: check_key_in_hostfiles: key for host client not found
debug1: check_key_in_hostfiles: key for host client not found
Failed hostbased for normaluser from 10.2.4.103 port 51892 ssh2: ECDSA SHA256:2edGL7TUE3akXzI5JtcocP+B7yxnAQ/rPAQnAIwz6Rs, client user "normaluser", client host "client"
debug3: mm_answer_keyallowed: key 0x5648f8007890 is not allowed
debug3: userauth_finish: failure partial=0 next methods="publickey,hostbased" [preauth]
debug1: userauth-request for user normaluser service ssh-connection method hostbased [preauth]

其他尝试也都以同样的方式结束。帖子大小限制让我无法包含所有内容。

debug2: userauth_hostbased: authenticated 0 [preauth]
debug3: userauth_finish: failure partial=0 next methods="publickey,hostbased" [preauth]
Connection closed by 10.2.4.103 port 51892 [preauth]
debug1: do_cleanup [preauth]
debug3: PAM: sshpam_thread_cleanup entering [preauth]
debug1: monitor_read_log: child log fd closed
debug3: mm_request_receive entering
debug1: do_cleanup
debug1: PAM: cleanup
debug3: PAM: sshpam_thread_cleanup entering
debug1: Killing privsep child 3942
debug1: audit_event: unhandled event 12

编辑:查看下面的客户端调试信息,似乎get_socket_address: getnameinfo 8 failed: Name or service not known每当 ssh_keysign(尝试)运行时就会出现。

我已尝试将此操作从 20.04 机器迁移到 16.04 机器,反之亦然——均不起作用。20.04 是此描述中的客户端。

版本:

客户端OpenSSH_8.2p1 Ubuntu-4ubuntu0.1, OpenSSL 1.1.1f 31 Mar 2020
服务器:OpenSSH_7.2p2 Ubuntu-4ubuntu2.8, OpenSSL 1.0.2g 1 Mar 2016

/etc/hosts 中的相关内容:

客户:

client.public.ip.address client.mydomain.com client
10.2.2.241 server.mydomain.com server

服务器:

server.public.ip.address server.mydomain.com server mail ns2 mail.mydomain.com ns2.mydomain.com ns.mydomain.com ns
10.2.4.103 client client.mydomain.com

服务器/etc/ssh/shosts.equiv:

client
client.mydomain.com
10.2.4.103

客户端/etc/ssh/ssh_known_hosts:

[server]:845,[server.public.ip.address]:845,[server.mydomain.com]:845,[10.2.2.241]:845 ssh-rsa ...
[server]:845,[server.public.ip.address]:845,[server.mydomain.com]:845,[10.2.2.241]:845 ssh-ed25519 ...
[server]:845,[server.public.ip.address]:845,[server.mydomain.com]:845,[10.2.2.241]:845 ecdsa-sha2-nistp256 ...

服务器/etc/ssh/ssh_known_hosts:

[client]:845 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCt5EL7kugI8Ik9SD+Xb/PTicEzHEmgPRmbshsBOYzwCHPV3QqHs/hRaUGaRanyEA3/0LVXjvErvypyu2aBeJ2w3snNxTPHAqBxBInvCnZ2gWn2pdBoLZvx0o0WoQDCTJNC8Psq8kxubau5pf3t0MVZHikCIpO3EgHzEvTLxkdOIyCM+jD0K0OnBssnf1sYnls/rylI1ThcoiLX5OtWy3vGIn1YljFVdDWtAF17NUkhlSjCvBl5kkWu44mfnvtf6ilpwlLu2omfDzRGt2N7yFjQ2fi/Hmmyk/p0094as55js5OPHIzhsbFKJUdstByPdQ1HKVYzslLKk7m0JfVhtnU+NP3c9ciVmJnmy+M2CK71fTCSu16aMwF1CT08eTXHBZ4oPNN1JjxrYzknRLwdNVt+Jg75hL/aVJvl2p6NsDTx0uqvTDs/wghQQBOEHRZ9IlNrGVkA7P1e5N9DdKQA1/lcjSoX2vP1vf3YviNAF8Ecbw4B6I8bPnvEHvetY63tyv0=
[client.mydomain.com]:845 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCt5EL7kugI8Ik9SD+Xb/PTicEzHEmgPRmbshsBOYzwCHPV3QqHs/hRaUGaRanyEA3/0LVXjvErvypyu2aBeJ2w3snNxTPHAqBxBInvCnZ2gWn2pdBoLZvx0o0WoQDCTJNC8Psq8kxubau5pf3t0MVZHikCIpO3EgHzEvTLxkdOIyCM+jD0K0OnBssnf1sYnls/rylI1ThcoiLX5OtWy3vGIn1YljFVdDWtAF17NUkhlSjCvBl5kkWu44mfnvtf6ilpwlLu2omfDzRGt2N7yFjQ2fi/Hmmyk/p0094as55js5OPHIzhsbFKJUdstByPdQ1HKVYzslLKk7m0JfVhtnU+NP3c9ciVmJnmy+M2CK71fTCSu16aMwF1CT08eTXHBZ4oPNN1JjxrYzknRLwdNVt+Jg75hL/aVJvl2p6NsDTx0uqvTDs/wghQQBOEHRZ9IlNrGVkA7P1e5N9DdKQA1/lcjSoX2vP1vf3YviNAF8Ecbw4B6I8bPnvEHvetY63tyv0=
[10.2.4.103]:845 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCt5EL7kugI8Ik9SD+Xb/PTicEzHEmgPRmbshsBOYzwCHPV3QqHs/hRaUGaRanyEA3/0LVXjvErvypyu2aBeJ2w3snNxTPHAqBxBInvCnZ2gWn2pdBoLZvx0o0WoQDCTJNC8Psq8kxubau5pf3t0MVZHikCIpO3EgHzEvTLxkdOIyCM+jD0K0OnBssnf1sYnls/rylI1ThcoiLX5OtWy3vGIn1YljFVdDWtAF17NUkhlSjCvBl5kkWu44mfnvtf6ilpwlLu2omfDzRGt2N7yFjQ2fi/Hmmyk/p0094as55js5OPHIzhsbFKJUdstByPdQ1HKVYzslLKk7m0JfVhtnU+NP3c9ciVmJnmy+M2CK71fTCSu16aMwF1CT08eTXHBZ4oPNN1JjxrYzknRLwdNVt+Jg75hL/aVJvl2p6NsDTx0uqvTDs/wghQQBOEHRZ9IlNrGVkA7P1e5N9DdKQA1/lcjSoX2vP1vf3YviNAF8Ecbw4B6I8bPnvEHvetY63tyv0=
[client]:845 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGyewH4LsGScNcDOQL0so+36NxF1Qcdg92Vb/8Gaf4lZzCTBjeoZY5MsJiF0nUUEiwbDpSrCfV+xQl6pW6kRrU0=
[client.mydomain.com]:845 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGyewH4LsGScNcDOQL0so+36NxF1Qcdg92Vb/8Gaf4lZzCTBjeoZY5MsJiF0nUUEiwbDpSrCfV+xQl6pW6kRrU0=
[10.2.4.103]:845 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGyewH4LsGScNcDOQL0so+36NxF1Qcdg92Vb/8Gaf4lZzCTBjeoZY5MsJiF0nUUEiwbDpSrCfV+xQl6pW6kRrU0=
[client]:845 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBSxNiq2FDbinfKm9RkHq8RFrup2zJZHWSIbRJVkUXVw
[client.mydomain.com]:845 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBSxNiq2FDbinfKm9RkHq8RFrup2zJZHWSIbRJVkUXVw
[10.2.4.103]:845 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBSxNiq2FDbinfKm9RkHq8RFrup2zJZHWSIbRJVkUXVw

客户端主 ssh 客户端配置(包含所有文件):

EnableSSHKeysign yes
Include /etc/ssh/ssh_config.d/*.conf
Host *
    SendEnv LANG LC_*
    HashKnownHosts yes
    GSSAPIAuthentication yes
host server
hostname server.mydomain.com
port 845
HostbasedAuthentication yes

服务器 SSHD 配置:

Port 845
AddressFamily inet
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
UsePrivilegeSeparation yes
KeyRegenerationInterval 3600
ServerKeyBits 1024
SyslogFacility AUTH
LogLevel INFO
LoginGraceTime 30
MaxAuthTries 2
PermitRootLogin yes
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
IgnoreRhosts yes
IgnoreUserKnownHosts yes
PermitEmptyPasswords no
ChallengeResponseAuthentication no
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
MaxStartups 5:60:30
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server
UsePAM yes
# I have some old sshdos customers
Ciphers [email protected],[email protected],[email protected],aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes128-cbc
MACs [email protected],[email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,[email protected],hmac-sha1
KexAlgorithms [email protected],diffie-hellman-group-exchange-sha256,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
PubkeyAcceptedKeyTypes +ssh-dss
HostKeyAlgorithms ssh-ed25519,[email protected],ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],[email protected],[email protected],[email protected]
useDNS yes
IgnoreRhosts            no
Match User USR1,USR2
    PasswordAuthentication yes
    MaxAuthTries 6
Match Address 10.2.4.103
    MaxAuthTries 10
    HostbasedAuthentication yes
    PasswordAuthentication no
Match Host client,client.mydomain.com
    MaxAuthTries 10
    HostbasedAuthentication yes
    PasswordAuthentication no

以下是完整的客户端连接尝试:

针对大小进行了编辑,并且更改UseDNS为是之后也进行了更新。

normaluser@client:~$ ssh -vvv server
OpenSSH_8.2p1 Ubuntu-4ubuntu0.1, OpenSSL 1.1.1f  31 Mar 2020
debug1: /etc/ssh/ssh_config.d/hostBasedLoginFromserver.conf line 1: Applying options for server
debug1: /etc/ssh/ssh_config line 22: Applying options for *
debug2: resolving "server.mydomain.com" port 845
debug2: ssh_connect_direct
debug1: Connecting to server.mydomain.com [10.2.2.241] port 845.
debug1: Connection established.
debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2p2 Ubuntu-4ubuntu2.8
debug1: match: OpenSSH_7.2p2 Ubuntu-4ubuntu2.8 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002
debug1: Authenticating to server.mydomain.com:845 as 'normaluser'
debug3: put_host_port: [server.mydomain.com]:845
debug3: hostkeys_foreach: reading file "/etc/ssh/ssh_known_hosts"
debug3: record_hostkey: found key type RSA in file /etc/ssh/ssh_known_hosts:1
debug3: record_hostkey: found key type ED25519 in file /etc/ssh/ssh_known_hosts:2
debug3: record_hostkey: found key type ECDSA in file /etc/ssh/ssh_known_hosts:3
debug3: load_hostkeys: loaded 3 keys from [server.mydomain.com]:845
debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c
debug2: host key algorithms: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa,[email protected],[email protected],[email protected],[email protected]
debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,[email protected],zlib
debug2: compression stoc: none,[email protected],zlib
debug2: first_kex_follows 0 
debug2: reserved 0 
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: [email protected],diffie-hellman-group-exchange-sha256,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
debug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: [email protected],[email protected],[email protected],aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes128-cbc
debug2: ciphers stoc: [email protected],[email protected],[email protected],aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes128-cbc
debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,[email protected],hmac-sha1
debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,[email protected],hmac-sha1
debug2: compression ctos: none,[email protected]
debug2: compression stoc: none,[email protected]
debug2: first_kex_follows 0 
debug2: reserved 0 
debug1: kex: algorithm: [email protected]
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:SDea7uVp4tufAVJ2HQ0NgC/aN018loBE0aNSigvpNmc
debug3: put_host_port: [10.2.2.241]:845
debug3: put_host_port: [server.mydomain.com]:845
debug1: Host '[server.mydomain.com]:845' is known and matches the ECDSA host key.
debug1: Found key in /etc/ssh/ssh_known_hosts:3
debug2: set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,hostbased
debug3: start over, passed a different list publickey,hostbased
debug3: preferred gssapi-with-mic,hostbased,publickey,keyboard-interactive,password
debug3: authmethod_lookup hostbased
debug3: remaining preferred: publickey,keyboard-interactive,password
debug3: authmethod_is_enabled hostbased
debug1: Next authentication method: hostbased
debug3: userauth_hostbased: trying key type [email protected]
debug3: userauth_hostbased: trying key type [email protected]
debug3: userauth_hostbased: trying key type [email protected]
debug3: userauth_hostbased: trying key type [email protected]
debug3: userauth_hostbased: trying key type [email protected]
debug3: userauth_hostbased: trying key type [email protected]
debug3: userauth_hostbased: trying key type [email protected]
debug3: userauth_hostbased: trying key type [email protected]
debug3: userauth_hostbased: trying key type [email protected]
debug3: userauth_hostbased: trying key type ecdsa-sha2-nistp256
debug1: userauth_hostbased: trying hostkey ecdsa-sha2-nistp256 SHA256:Tfw3YgenGPpq9BwhWFJQ+SNqsOZhxwbvbcX3i3xvLXc
get_socket_address: getnameinfo 8 failed: Name or service not known
debug2: userauth_hostbased: chost client.
debug3: ssh_msg_recv entering
debug3: ssh_keysign: [child] pid=3329845, exec /usr/lib/openssh/ssh-keysign
get_socket_address: getnameinfo 8 failed: Name or service not known
debug2: we sent a hostbased packet, wait for reply
debug1: Authentications that can continue: publickey,hostbased
debug3: userauth_hostbased: trying key type ecdsa-sha2-nistp256
debug3: userauth_hostbased: trying key type ecdsa-sha2-nistp384
debug3: userauth_hostbased: trying key type ecdsa-sha2-nistp521
debug3: userauth_hostbased: trying key type [email protected]
debug3: userauth_hostbased: trying key type ssh-ed25519
debug1: userauth_hostbased: trying hostkey ssh-ed25519 SHA256:9b1nYiKLwjN8C9yujNVp9l77w/2BRbcZlTd4GtyjSbE
get_socket_address: getnameinfo 8 failed: Name or service not known
debug2: userauth_hostbased: chost client.
debug3: ssh_msg_recv entering
debug3: ssh_keysign: [child] pid=3329846, exec /usr/lib/openssh/ssh-keysign
get_socket_address: getnameinfo 8 failed: Name or service not known
debug2: we sent a hostbased packet, wait for reply
debug1: Authentications that can continue: publickey,hostbased
debug3: userauth_hostbased: trying key type ssh-ed25519
debug3: userauth_hostbased: trying key type [email protected]
debug3: userauth_hostbased: trying key type rsa-sha2-512
debug3: userauth_hostbased: trying key type rsa-sha2-256
debug3: userauth_hostbased: trying key type ssh-rsa
debug1: userauth_hostbased: trying hostkey ssh-rsa SHA256:JSF+kQrD8OhF+estUE3Evl5aF1dX0EFvCOeAAwouWvY
get_socket_address: getnameinfo 8 failed: Name or service not known
debug2: userauth_hostbased: chost client.
debug3: ssh_msg_recv entering
debug3: ssh_keysign: [child] pid=3329847, exec /usr/lib/openssh/ssh-keysign
get_socket_address: getnameinfo 8 failed: Name or service not known
debug2: we sent a hostbased packet, wait for reply
debug1: Authentications that can continue: publickey,hostbased
debug3: userauth_hostbased: trying key type ssh-rsa
debug3: userauth_hostbased: trying key type [email protected]
debug3: userauth_hostbased: trying key type [email protected]
debug3: userauth_hostbased: trying key type [email protected]
debug3: userauth_hostbased: trying key type [email protected]
debug3: userauth_hostbased: trying key type [email protected]
debug3: userauth_hostbased: trying key type [email protected]
debug3: userauth_hostbased: trying key type [email protected]
debug3: userauth_hostbased: trying key type [email protected]
debug3: userauth_hostbased: trying key type [email protected]
debug3: userauth_hostbased: trying key type ecdsa-sha2-nistp256
debug3: userauth_hostbased: trying key type ecdsa-sha2-nistp384
debug3: userauth_hostbased: trying key type ecdsa-sha2-nistp521
debug3: userauth_hostbased: trying key type [email protected]
debug3: userauth_hostbased: trying key type ssh-ed25519
debug3: userauth_hostbased: trying key type [email protected]
debug3: userauth_hostbased: trying key type rsa-sha2-512
debug3: userauth_hostbased: trying key type rsa-sha2-256
debug3: userauth_hostbased: trying key type ssh-rsa
debug1: No more client hostkeys for hostbased authentication.
debug2: we did not send a packet, disable method
[email protected]: Permission denied (publickey,hostbased).

相关内容