1. 首页
  2. 问答
  3. SSH不能使用IdentityFile配置文件的〜/ .ssh/config中

SSH不能使用IdentityFile配置文件的〜/ .ssh/config中

2013-03-07 99 views
5

客户:苹果10.8,服务器:Ubuntu的10.04 LTS 64位SSH不能使用IdentityFile配置文件的〜/ .ssh/config中

我用 'SSH-凯基-t RSA' 生成公钥/私钥。

首先,我输入:SSH -i /Users/phenix/.ssh/poponet_rsa [email protected],我可以登录到使用私钥 'poponet_rsa'

接下来,我创建服务器一个配置文件:/Users/phenix/.ssh/config,与内容:

Host popo 
    Hostname popo.net 
    User root 
    PreferredAuthentications publickey 
    IdentityFile /Users/phenix/.ssh/poponet_rsa

,我输入SSH [email protected],终端问我的密码。

接下来,我改变poponet_rsa文件名id_rsa,并输入SSH [email protected],OK,我登录。

我的问题:ssh不能在文件〜/ .ssh/config中使用IdentityFile配置,为什么?

$ ssh -vvv [email protected] 
OpenSSH_5.9p1, OpenSSL 0.9.8r 8 Feb 2011 
debug1: Reading configuration data /Users/phenix/.ssh/config 
debug1: /Users/phenix/.ssh/config line 1: Applying options for popo.net 
debug1: /Users/phenix/.ssh/config line 2: Applying options for popo.net 
debug1: Reading configuration data /etc/ssh_config 
debug1: /etc/ssh_config line 20: Applying options for * 
debug2: ssh_connect: needpriv 0 
debug1: Connecting to popo.net [111.111.111.111] port 22. 
debug1: Connection established. 
debug3: Incorrect RSA1 identifier 
debug3: Could not load "/Users/phenix/.ssh/id_rsa" as a RSA1 public key 
debug1: identity file /Users/phenix/.ssh/id_rsa type -1 
debug1: identity file /Users/phenix/.ssh/id_rsa-cert type -1 
debug1: identity file /Users/phenix/.ssh/id_dsa type -1 
debug1: identity file /Users/phenix/.ssh/id_dsa-cert type -1 
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3p1 Debian-3ubuntu7 
debug1: match: OpenSSH_5.3p1 Debian-3ubuntu7 pat OpenSSH* 
debug1: Enabling compatibility mode for protocol 2.0 
debug1: Local version string SSH-2.0-OpenSSH_5.9 
debug2: fd 3 setting O_NONBLOCK 
debug3: load_hostkeys: loading entries for host "popo.net" from file "/Users/phenix/.ssh/known_hosts" 
debug3: load_hostkeys: found key type RSA in file /Users/phenix/.ssh/known_hosts:1 
debug3: load_hostkeys: loaded 1 keys 
debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],ssh-rsa 
debug1: SSH2_MSG_KEXINIT sent 
debug1: SSH2_MSG_KEXINIT received 
debug2: kex_parse_kexinit: **too much init, i delete them.** 
debug2: mac_setup: found hmac-md5 
debug1: kex: server->client aes128-ctr hmac-md5 none 
debug2: mac_setup: found hmac-md5 
debug1: kex: client->server aes128-ctr hmac-md5 none 
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent 
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP 
debug2: dh_gen_key: priv key bits set: 135/256 
debug2: bits set: 468/1024 
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent 
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY 
debug1: Server host key: RSA xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx 
debug3: load_hostkeys: loading entries for host "popo.net" from file "/Users/phenix/.ssh/known_hosts" 
debug3: load_hostkeys: found key type RSA in file /Users/phenix/.ssh/known_hosts:1 
debug3: load_hostkeys: loaded 1 keys 
debug3: load_hostkeys: loading entries for host "111.111.111.111" from file "/Users/phenix/.ssh/known_hosts" 
debug3: load_hostkeys: found key type RSA in file /Users/phenix/.ssh/known_hosts:1 
debug3: load_hostkeys: loaded 1 keys 
debug1: Host 'popo.net' is known and matches the RSA host key. 
debug1: Found key in /Users/phenix/.ssh/known_hosts:1 
debug2: bits set: 516/1024 
debug1: ssh_rsa_verify: signature correct 
debug2: kex_derive_keys 
debug2: set_newkeys: mode 1 
debug1: SSH2_MSG_NEWKEYS sent 
debug1: expecting SSH2_MSG_NEWKEYS 
debug2: set_newkeys: mode 0 
debug1: SSH2_MSG_NEWKEYS received 
debug1: Roaming not allowed by server 
debug1: SSH2_MSG_SERVICE_REQUEST sent 
debug2: service_accept: ssh-userauth 
debug1: SSH2_MSG_SERVICE_ACCEPT received 
debug2: key: /Users/phenix/.ssh/id_rsa (0x0) 
debug2: key: /Users/phenix/.ssh/id_dsa (0x0) 
debug1: Authentications that can continue: publickey,password 
debug3: start over, passed a different list publickey,password 
debug3: preferred publickey,keyboard-interactive,password 
debug3: authmethod_lookup publickey 
debug3: remaining preferred: keyboard-interactive,password 
debug3: authmethod_is_enabled publickey 
debug1: Next authentication method: publickey 
debug1: Trying private key: /Users/phenix/.ssh/id_rsa 
debug1: key_parse_private_pem: PEM_read_PrivateKey failed 
debug1: read PEM private key done: type <unknown> 
debug2: no passphrase given, try next key 
debug1: Trying private key: /Users/phenix/.ssh/id_dsa 
debug3: no such identity: /Users/phenix/.ssh/id_dsa 
debug2: we did not send a packet, disable method 
debug3: authmethod_lookup password 
debug3: remaining preferred: ,password 
debug3: authmethod_is_enabled password 
debug1: Next authentication method: password 
[email protected]'s password:

来源

2013-03-07 zgia

回答

1

如果你的〜/ .ssh/config中是全部在一行上(如您的文章建议)是这样的:

Host popo Hostname popo.net User root PreferredAuthentications publickey IdentityFile /Users/phenix/.ssh/poponet_rsa

那么将无法正常工作。你需要在每个指令分离到自己的路线,像这样:

Host popo 
Hostname popo.net 
User root 
PreferredAuthentications publickey 
IdentityFile /Users/phenix/.ssh/poponet_rsa

来源

2013-03-07 10:29:43 dave4420

+0

我试了一下,但终端再次问我密码。只有'debug2:key:/Users/liyuntian/.ssh/id_rsa(0x0)',没有'poponet_rsa' – zgia 2013-03-08 01:19:07

0

我不认为答案是实际的问题的作者,但谷歌在第一页返回这个话题。

我也有类似的问题。日志中的关键行:

debug3: Incorrect RSA1 identifier 
debug3: Could not load "/Users/phenix/.ssh/id_rsa" as a RSA1 public key

所以ssh不知道你的poppet.key。在我的情况是错误打印的文件名。

我推荐在〜/ .ssh/config中双击检查键名。

来源

2013-11-10 09:43:04 leonidv

+0

这些“错误”实际上不是问题。 RSA1很少使用了。当加载由IdentityFile指定的密钥时,大部分时间都会显示此信息。 – jeffcook2150 2014-04-21 09:55:16

6

我在这里找到了我的问题的答案:https://superuser.com/a/436015

简而言之,需要在主机或全局SSH客户端配置中指定IdentitiesOnly yes,否则还可能尝试未指定的密钥,包括ssh-agent中的密钥(如果正在运行)。

来源

2014-04-21 10:01:45 jeffcook2150

相关问题

 相关问题