我正在运行mobxterm我的 Windows ssh 客户端,我已启用
“使用外部选美和转发 ssh 代理”,但我仍然无法让它工作。我知道authorized_keys设置正确,因为它在其他服务器上工作
Note我首先需要访问一个跳转盒以跳转到所需的服务器 选美在 10 多个不同的服务器上运行良好,除了一个服务器之外。
以下是未进行身份验证的服务器的日志:
ssh -vvv serverip
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: start over, passed a different list publickey,password,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: rsa-key-20140313
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Trying private key: /home/users/mj138q/.ssh/identity
debug3: no such identity: /home/users/mj138q/.ssh/identity
debug1: Trying private key: /home/users/mj138q/.ssh/id_rsa
debug3: no such identity: /home/users/mj138q/.ssh/id_rsa
debug1: Trying private key: /home/users/mj138q/.ssh/id_dsa
debug3: no such identity: /home/users/mj138q/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Password:
这是一个工作的:
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: start over, passed a different list publickey,password,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: rsa-key-20140313
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 148
debug2: input_userauth_pk_ok: fp aa:dd:5e:11:ff:92:f3:2d:21:fc:c2:6a:e2:d1:d5:a1
debug3: sign_and_send_pubkey
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting [email protected]
debug1: Entering interactive session.
debug2: callback start
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug2: channel 0: request shell confirm 1
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel_input_status_confirm: type 99 id 0
debug2: PTY allocation request accepted on channel 0
debug2: channel 0: rcvd adjust 2097152
debug2: channel_input_status_confirm: type 99 id 0
debug2: shell request accepted on channel 0
Last login: Wed Nov 25 23:17:27 2015
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
You have mail.
答案1
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password,keyboard-interactive
这意味着您的 SSH 客户端发送了公钥,但被服务器拒绝了。联系服务器管理员并让他们检查服务器端身份验证日志(在 Linux 中,通常/var/log/secure或/var/log/auth.log取决于发行版):服务器端日志应该有一条来自 sshd 的非常清晰的消息,描述公钥被拒绝的原因。
出于安全原因,拒绝原因不会发送给尚未识别的客户端。你不会给一个摆弄你家前门锁的陌生人任何有关使用开锁器类型的建议,不是吗?
出现此类问题的最常见原因是服务器上的authorized_keys文件、.ssh子目录或用户主目录的文件权限错误。除了帐户所有者之外,任何人都不能写入这些内容。服务器日志中的错误消息将包含导致密钥因不安全而被拒绝的文件或目录的确切路径名。