my_username@my_username-laptop MINGW64 ~ (master)
$ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/c/Users/my_username/.ssh/id_dsa):Enter
Enter passphrase (empty for no passphrase):Enter
Enter same passphrase again: Enter
Your identification has been saved in /c/Users/my_username/.ssh/id_dsa.
Your public key has been saved in /c/Users/my_username/.ssh/id_dsa.pub.
The key fingerprint is: Enter
SHA256:KMLyesG1eWkXq1iI4y7i+4bmVKgZBdCnReukvJgrtP0 my_username@my_username-laptop
The key's randomart image is: Enter
+---[DSA 1024]----+
|+. .. |
| .. o. |
| .+o |
| +o+. .. |
|oo=+o+..So |
|.O*o+.= o |
|*o*o = o |
|=*oo. . |
|OB=..E |
+----[SHA256]-----+
my_username@my_username-laptop MINGW64 ~ (master)
$ cd .ssh
my_username@my_username-laptop MINGW64 ~/.ssh (master)
$ cd ~/.ssh
my_username@my_username-laptop MINGW64 ~/.ssh (master)
$ ls
github_rsa id_dsa known_hosts rsa_key_pair.pub
github_rsa.pub id_dsa.pub rsa_key_pair
my_username@my_username-laptop MINGW64 ~/.ssh (master)
$ ls -la
total 45
drwxr-xr-x 1 my_username 197121 0 Nov 17 23:43 ./
drwxr-xr-x 1 my_username 197121 0 Nov 17 23:08 ../
-rw-r--r-- 1 my_username 197121 668 Nov 17 23:43 id_dsa
-rw-r--r-- 1 my_username 197121 614 Nov 17 23:43 id_dsa.pub
my_username@my_username-laptop MINGW64 ~/.ssh (master)
$ cat id_dsa.pub
ssh-dss AAAAB3NzaC1kc3MAAACBAOrkqv9wt7WcngRfKSaMrCSXn8BfJZN7wEJWvpuqpTYWBzCAylqUSVA+GpMuXGhaDdwHJFftmoxi81PnASpIoZZrIRgqRHRnQph9DnQikB1Bkf4B+EpzD3EwKYWRUOFrHwnjPU1ByRgFOTADXn/O9SIj+9APKer9xFNHaBvv9AvDAAAAFQCYK15hX9llcyIPsHedNTpE0BhgaQAAAIAZ3xOjbu1Vs0yposrwfHdc1+WoUdt89Y8a2YEvmeToR7/M7SM6IPPgbxLTz6l32pbmFFUDknMpX0rL/VaP/ygLifKJDxtWlE2doQR+2FwsvQKnk1wyXlYGXPCaI6flxqJRVV8/VJapQBRAC/cC6g6MNPbTs9GyV/z/SYBE/f4EhgAAAIEAlVinwInGC2gfWL5y7iPmv4gHWuJx0bmGq8Dc5UGdB99uxGRkdOlPFQ8BP6dZ1T8+DlikwPE2CH7RNIb+08KEvtdRJCy++6x0wnvL6ApPM1szNL+gUdL8X2/Mt9r2bj3LvjIrz21u4lXgOa+OsCanu4yUfHhPcj5YgQrrrn3P0Gs= my_username@my_username-laptop
my_username@my_username-laptop MINGW64 ~/.ssh (master)
my_username@my_username-laptop MINGW64 ~ (master)
$ ssh -vT [email protected]
OpenSSH_7.1p1, OpenSSL 1.0.2d 9 Jul 2015
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to github.com [192.30.252.129] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/my_username/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/my_username/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/my_username/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/my_username/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/my_username/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/my_username/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/my_username/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/my_username/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.1
debug1: Remote protocol version 2.0, remote software version libssh-0.7.0
debug1: no match: libssh-0.7.0
debug1: Authenticating to github.com:22 as 'git'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client [email protected] <implicit> none
debug1: kex: client->server [email protected] <implicit> none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:nThbg6kXUpJWGl7E1IGOCspRomTxdCARLviKw6E5SY8
debug1: Host 'github.com' is known and matches the RSA host key.
debug1: Found key in /c/Users/my_username/.ssh/known_hosts:1
Warning: Permanently added the RSA host key for IP address '192.30.252.129' to the list of known hosts.
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /c/Users/my_username/.ssh/id_rsa
debug1: Trying private key: /c/Users/my_username/.ssh/id_dsa
debug1: Trying private key: /c/Users/my_username/.ssh/id_ecdsa
debug1: Trying private key: /c/Users/my_username/.ssh/id_ed25519
debug1: No more authentication methods to try.
Permission denied (publickey).
my_username@my_username-laptop MINGW64 ~ (master)
$ ssh-agent -s
SSH_AUTH_SOCK=/tmp/ssh-8kgSDhweA5gl/agent.11684; export SSH_AUTH_SOCK;
SSH_AGENT_PID=13892; export SSH_AGENT_PID;
echo Agent pid 13892;
my_username@my_username-laptop MINGW64 ~ (master)
$ ssh-add -l
Could not open a connection to your authentication agent.
my_username@my_username-laptop MINGW64 ~ (master)
$
答案1
我注意到您正在使用 DSA 密钥。默认情况下,OpenSSH 7.0 及更高版本禁用对 DSA 密钥的支持。您可以检查这是否导致问题。看SSH 不断跳过我的公钥并要求输入密码和https://superuser.com/q/1016989/93541。
答案2
要使用公钥向服务器验证 ssh 客户端的身份,您需要在客户端上生成密钥对,将私钥保留在客户端上,然后将公钥复制到
authorized_keys服务器上的文件中它必须~/.ssh由您拥有,并且仅具有所有者的权限(通常是 600 akarw-------)。你没有做第二部分。如果它对您来说太复杂,许多系统都有一个脚本ssh-copy-id可以为您完成大量的操作和错误检查。您不需要,
ssh-agent因为您的密钥文件位于默认位置并且没有密码。要使用
ssh-agent你必须要么运行一个新进程下ssh-agent,例如新 shell 或新终端(固有地带有新 shell),其环境变量设置为访问代理进程或者有你的外壳eval的输出ssh-agent,以便在您的 shell 中设置这些环境变量。你也没有做。从手册页:
There are two main ways to get an agent set up: The first is that the agent starts a new subcommand into which some environment variables are exported, eg ssh-agent xterm &. The second is that the agent prints the needed shell commands (either sh(1) or csh(1) syntax can be generated) which can be evaluated in the calling shell, eg eval 'ssh-agent -s' for Bourne-type shells such as sh(1) or ksh(1) and eval 'ssh-agent -c' for csh(1) and derivatives. Later ssh(1) looks at these variables and uses them to establish a con- nection to the agent.