-1
我有一个ubuntu服务器,这是在公司的本地网络,我们做了ip映射,以便我们可以从广域网访问该计算机。 我已经生成了一个pub key并添加到了authorized_keys中。ssh公钥登录失败,随机到我的Ubuntu服务器
前几次登录成功,但后来我ssh服务器它会弹出让我填写密码。我的意思是随机登录时不需要密码,它应该总是使用puk密钥登录。
这里是SSH目录的服务器上
drwxrwxr-x 2 fin fin 4096 2011-10-19 11:47 .ssh
drwxrwxr-x 2 fin fin 4096 2011-10-19 11:47 .
drwx------ 11 fin fin 4096 2011-11-30 11:10 ..
-rw-rw-r-- 1 fin fin 804 2011-11-29 20:06 authorized_keys
-rw------- 1 fin fin 1675 2011-10-19 11:46 id_rsa
-rw-r--r-- 1 fin fin 403 2011-10-19 11:46 id_rsa.pub
-rw-r--r-- 1 fin fin 884 2011-10-19 11:47 known_hosts
这里的权限设置的详细信息连接
openSSH_5.2p1, OpenSSL 0.9.8r 8 Feb 2011
debug1: Reading configuration data /etc/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to 211.154.169.179 [211.154.169.179] port 1066.
debug1: Connection established.
debug1: identity file /Users/lidongbin/.ssh/identity type -1
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug2: key_type_from_name: unknown key type '-----END'
debug1: identity file /Users/lidongbin/.ssh/id_rsa type 1
debug1: identity file /Users/lidongbin/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8p1 Debian-7ubuntu1
debug1: match: OpenSSH_5.8p1 Debian-7ubuntu1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.2
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,[email protected],zlib
debug2: kex_parse_kexinit: none,[email protected],zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,[email protected]
debug2: kex_parse_kexinit: none,[email protected]
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 124/256
debug2: bits set: 525/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '[211.154.169.179]:1066' is known and matches the RSA host key.
debug1: Found key in /Users/lidongbin/.ssh/known_hosts:5
debug2: bits set: 517/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /Users/lidongbin/.ssh/identity (0x0)
debug2: key: /Users/lidongbin/.ssh/id_rsa (0x100118e10)
debug2: key: /Users/lidongbin/.ssh/id_dsa (0x0)
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /Users/lidongbin/.ssh/identity
debug1: Offering public key: /Users/lidongbin/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /Users/lidongbin/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
这里是/var/log/auth.log
Nov 30 11:11:35 vrv-oes sshd[30474]: Connection from 192.168.0.1 port 55669
Nov 30 11:11:41 vrv-oes sshd[30474]: Failed publickey for fin from 192.168.0.1 port 55669 ssh2
Nov 30 11:11:46 vrv-oes sshd[30529]: pam_ecryptfs: Passphrase file wrapped
Nov 30 11:11:47 vrv-oes sshd[30474]: Accepted password for fin from 192.168.0.1 port 55669 ssh2
Nov 30 11:11:47 vrv-oes sshd[30474]: pam_unix(sshd:session): session opened for user fin by (uid=0)
Nov 30 11:11:47 vrv-oes sshd[30474]: User child is on pid 30561
你有没有遇到过这个问题? 我很困惑这几天...
任何人都可以帮助我吗?感谢您的提前!
谢谢awrn,我将详细添加到ssh服务器配置,但是当我检查/var/log/auth.log它只告诉我这个“失败的公钥从鳍从192.168.0.1端口55669 ssh2”,没有更多相关信息?我应该在别处找到具体的日志吗?谢谢 –
和我服务器的.ssh目录权限是“drwxrwxr-x 2 fin fin 4096 2011-10-19 11:47 .ssh”,我认为这就够了。 –
在调试中启动一个新的sshd以查看发生了什么:#/ usr/sbin/sshd -D -ddd -p 60022 ---现在从客户端启动一个新的ssh到端口60222,您应该在屏幕上看到sshd的调试权限当它发生时。那里应该有更多的信息。 – awm