我正在尝试通过 ssh 登录 Netgear ReadyNAS 314 NAS。我已设置 ssh 并复制了相应的文件:
drw------- 1 jordan users 176 Aug 30 23:42 .ssh
在 .ssh 中:
drwx------ 1 jordan users 34 Aug 30 23:31 ..
-rw------- 1 jordan users 395 Aug 30 23:32 authorized_keys
drwx------ 1 jordan users 32 Aug 30 23:32 github
-rwx------ 1 jordan users 395 Aug 30 23:32 id_rsa.pub
-rwx------ 1 jordan users 1675 Aug 30 23:32 id_rsa
-rwx------ 1 jordan users 1089 Aug 30 23:32 config
-rw------- 1 jordan users 20625 Aug 30 23:32 known_hosts
-rw------- 1 jordan users 0 Aug 30 23:42 ssh_authorized_keys
这是我的 /etc/sshd/sshd_config 文件(请注意,由于某种原因,第一行显示为“禁止编辑“):
# Do not edit.
Protocol 2
Port 22
#ListenAddress ::
#ListenAddress 0.0.0.0
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
# Privilege Separation is turned on for security
UsePrivilegeSeparation yes
# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 1024
# Logging
SyslogFacility AUTH
LogLevel INFO
# Authentication:
LoginGraceTime 120
PermitRootLogin no
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/ssh_authorized_keys
# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no
# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no
# Change to no to disable tunnelled clear text passwords
PasswordAuthentication yes
# Kerberos options
#KerberosAuthentication no
#KerberosGetAFSToken no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no
#MaxStartups 10:30:60
#Banner /etc/issue.net
# Allow client to pass locale environment variables
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server
UsePAM yes
当我运行 /usr/sbin/sshd -d 时,我得到以下信息:
root@andraia:/home/jordan# /usr/sbin/sshd -d
debug1: Config token is protocol
debug1: Config token is port
debug1: Config token is hostkey
debug1: Config token is hostkey
debug1: Config token is hostkey
debug1: Config token is useprivilegeseparation
debug1: Config token is keyregenerationinterval
debug1: Config token is serverkeybits
debug1: Config token is syslogfacility
debug1: Config token is loglevel
debug1: Config token is logingracetime
debug1: Config token is permitrootlogin
debug1: Config token is strictmodes
debug1: Config token is rsaauthentication
debug1: Config token is pubkeyauthentication
debug1: Config token is authorizedkeysfile
debug1: Config token is ignorerhosts
debug1: Config token is rhostsrsaauthentication
debug1: Config token is hostbasedauthentication
debug1: Config token is permitemptypasswords
debug1: Config token is challengeresponseauthentication
debug1: Config token is passwordauthentication
debug1: Config token is x11forwarding
debug1: Config token is x11displayoffset
debug1: Config token is printmotd
debug1: Config token is printlastlog
debug1: Config token is tcpkeepalive
debug1: Config token is acceptenv
debug1: Config token is subsystem
debug1: Config token is usepam
debug1: HPN Buffer Size: 87380
debug1: sshd version OpenSSH_6.7, OpenSSL 1.0.1t 3 May 2016
debug1: private host key: #0 type 1 RSA
debug1: private host key: #1 type 2 DSA
debug1: private host key: #2 type 3 ECDSA
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-d'
Set /proc/self/oom_score_adj from 0 to -1000
debug1: Bind to port 22 on 0.0.0.0.
debug1: Server TCP RWIN socket size: 87380
debug1: HPN Buffer Size: 87380
Server listening on 0.0.0.0 port 22.
当我尝试连接时,我得到了这个:
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
debug1: inetd sockets after dupping: 3, 3
debug1: HPN Disabled: 0, HPN Buffer Size: 87380
Connection from <client-ip> port 55314 on <host-ip> port 22
debug1: Client protocol version 2.0; client software version OpenSSH_8.9p1 Ubuntu-3
SSH: Server;Ltype: Version;Remote: <client-ip>-55314;Protocol: 2.0;Client: OpenSSH_8.9p1 Ubuntu-3
debug1: Remote is NON-HPN aware
debug1: match: OpenSSH_8.9p1 Ubuntu-3 pat OpenSSH* compat 0x24000000
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.7p1-hpn14v5 Debian-5+deb8u7.netgear1
debug1: permanently_set_uid: 82/99 [preauth]
debug1: list_hostkey_types: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256 [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug1: AUTH STATE IS 0 [preauth]
debug1: REQUESTED ENC.NAME is '[email protected]' [preauth]
debug1: kex: client->server [email protected] <implicit> none [preauth]
SSH: Server;Ltype: Kex;Remote: <client-ip>-55314;Enc: [email protected];MAC: (null);Comp: none [preauth]
debug1: REQUESTED ENC.NAME is '[email protected]' [preauth]
debug1: kex: server->client [email protected] <implicit> none [preauth]
debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
debug1: SSH2_MSG_NEWKEYS sent [preauth]
debug1: expecting SSH2_MSG_NEWKEYS [preauth]
debug1: SSH2_MSG_NEWKEYS received [preauth]
debug1: KEX done [preauth]
debug1: userauth-request for user jordan service ssh-connection method none [preauth]
SSH: Server;Ltype: Authname;Remote: <client-ip>-55314;Name: jordan [preauth]
debug1: attempt 0 failures 0 [preauth]
debug1: Config token is protocol
debug1: Config token is port
debug1: Config token is hostkey
debug1: Config token is hostkey
debug1: Config token is hostkey
debug1: Config token is useprivilegeseparation
debug1: Config token is keyregenerationinterval
debug1: Config token is serverkeybits
debug1: Config token is syslogfacility
debug1: Config token is loglevel
debug1: Config token is logingracetime
debug1: Config token is permitrootlogin
debug1: Config token is strictmodes
debug1: Config token is rsaauthentication
debug1: Config token is pubkeyauthentication
debug1: Config token is authorizedkeysfile
debug1: Config token is ignorerhosts
debug1: Config token is rhostsrsaauthentication
debug1: Config token is hostbasedauthentication
debug1: Config token is permitemptypasswords
debug1: Config token is challengeresponseauthentication
debug1: Config token is passwordauthentication
debug1: Config token is x11forwarding
debug1: Config token is x11displayoffset
debug1: Config token is printmotd
debug1: Config token is printlastlog
debug1: Config token is tcpkeepalive
debug1: Config token is acceptenv
debug1: Config token is subsystem
debug1: Config token is usepam
debug1: PAM: initializing for "jordan"
debug1: PAM: setting PAM_RHOST to "surfer"
debug1: PAM: setting PAM_TTY to "ssh"
我知道密钥文件很好,因为我在其他主机上使用它们,并且已经这样做了无数次。还有一些我遗漏的事情......
答案1
您的文件访问权限不正确。从所有文件。
答案2
我认为,由于 NAS 比较旧,加密方法已经过时,无论出于什么原因,我的其他主机都可以接受这一点,但 WSL2 却不行。我尝试更新操作系统,但即使这样也失败了:
jordan@andraia:~$ sudo apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
1 not fully installed or removed.
After this operation, 0 B of additional disk space will be used.
Do you want to continue? [Y/n] y
Setting up nfs-kernel-server (1:1.2.8-9+deb8u1) ...
update-rc.d: error: initscript does not exist: /etc/init.d/nfs-kernel-server
dpkg: error processing package nfs-kernel-server (--configure):
subprocess installed post-installation script returned error exit status 1
Errors were encountered while processing:
nfs-kernel-server
E: Sub-process /usr/bin/dpkg returned an error code (1)
我添加了以下内容/etc/ssh/ssh_config
:
PubkeyAcceptedKeyTypes ssh-rsa
现在我可以从我的 WSL2 环境无需密码 ssh 到 NAS(并且连接到我的其他主机也可以正常工作)。