Linux
Windows SSH 使用私鑰進入 CentOS - 不工作
我在 Windows 10 上。需要 ssh 到 Linux CentOS 伺服器。嘗試 Putty 和 Windows SSH(在功能中打開。Powershell?)。
使用 PuttyGen,我生成了一個私有和公共 RSA 密鑰對 - rsa 和 rsa.pub ,沒有任何密碼。這兩個文件都在我的桌面上。server333 在 C:\Users\johndoe.ssh\known_hosts 中有一個條目。我的 Windows PC 上的 .ssh 目錄中沒有其他文件或目錄。公鑰也被複製到linux盒子的/home/johndoe/.ssh/authorized_keys
我試過
ssh -i rsa -vvv server333
了,但它不起作用。這是日誌:c:\Users\johndoe\Desktop>ssh -i rsa -vvv server333 OpenSSH_for_Windows_7.7p1, LibreSSL 2.6.5 debug3: Failed to open file:C:/Users/johndoe/.ssh/config error:2 debug3: Failed to open file:C:/ProgramData/ssh/ssh_config error:2 debug2: resolving "server333" port 22 debug2: ssh_connect_direct: needpriv 0 debug1: Connecting to server333 [1.2.3.4] port 22. debug1: Connection established. key_load_public: invalid format debug1: identity file rsa type -1 debug3: Failed to open file:c:/Users/johndoe/Desktop/rsa-cert error:2 debug3: Failed to open file:c:/Users/johndoe/Desktop/rsa-cert.pub error:2 debug1: key_load_public: No such file or directory debug1: identity file rsa-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_for_Windows_7.7 debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4 debug1: match: OpenSSH_7.4 pat OpenSSH* compat 0x04000000 debug2: fd 3 setting O_NONBLOCK debug1: Authenticating to server333:22 as 'corp\\johndoe' debug3: hostkeys_foreach: reading file "C:\\Users\\johndoe/.ssh/known_hosts" debug3: record_hostkey: found key type RSA in file C:\\Users\\johndoe/.ssh/known_hosts:1 debug3: load_hostkeys: loaded 1 keys from server333 debug3: Failed to open file:C:/Users/johndoe/.ssh/known_hosts2 error:2 debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts error:2 debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts2 error:2 debug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa debug3: send packet: type 20 debug1: SSH2_MSG_KEXINIT sent debug3: receive packet: type 20 debug1: SSH2_MSG_KEXINIT received debug2: local client KEXINIT proposal debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c debug2: host key algorithms: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519 debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: compression ctos: none debug2: compression stoc: none debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug2: peer server KEXINIT proposal debug2: KEX algorithms: curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256 debug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256 debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr debug2: MACs ctos: hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com debug2: MACs stoc: hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com debug2: compression ctos: none,zlib@openssh.com debug2: compression stoc: none,zlib@openssh.com debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug1: kex: algorithm: curve25519-sha256@libssh.org debug1: kex: host key algorithm: rsa-sha2-512 debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none debug3: send packet: type 30 debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug3: receive packet: type 31 debug1: Server host key: ssh-rsa SHA256:abcd debug3: hostkeys_foreach: reading file "C:\\Users\\johndoe/.ssh/known_hosts" debug3: record_hostkey: found key type RSA in file C:\\Users\\johndoe/.ssh/known_hosts:1 debug3: load_hostkeys: loaded 1 keys from server333 debug3: Failed to open file:C:/Users/johndoe/.ssh/known_hosts2 error:2 debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts error:2 debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts2 error:2 debug3: hostkeys_foreach: reading file "C:\\Users\\johndoe/.ssh/known_hosts" debug3: record_hostkey: found key type RSA in file C:\\Users\\johndoe/.ssh/known_hosts:1 debug3: load_hostkeys: loaded 1 keys from 1.2.3.4 debug3: Failed to open file:C:/Users/johndoe/.ssh/known_hosts2 error:2 debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts error:2 debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts2 error:2 debug1: Host 'server333' is known and matches the RSA host key. debug1: Found key in C:\\Users\\johndoe/.ssh/known_hosts:1 debug3: send packet: type 21 debug2: set_newkeys: mode 1 debug1: rekey after 134217728 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug3: receive packet: type 21 debug1: SSH2_MSG_NEWKEYS received debug2: set_newkeys: mode 0 debug1: rekey after 134217728 blocks debug3: unable to connect to pipe \\\\.\\pipe\\openssh-ssh-agent, error: 2 debug1: pubkey_prepare: ssh_get_authentication_socket: The socket is not connected debug2: key: rsa (0000000000000000), explicit debug3: send packet: type 5 debug3: receive packet: type 7 debug1: SSH2_MSG_EXT_INFO received debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512> debug3: receive packet: type 6 debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug3: send packet: type 50 debug3: receive packet: type 53 debug3: input_userauth_banner NOTICE TO USERS ============================================================================= This is an official computer system and is the property of ACME, Inc. It is for authorized users only. Unauthorized users are prohibited. Users (authorized or unauthorized) have no explicit or implicit expectation of privacy. Any or all uses of this system may be subject to one or more of the following actions: interception, monitoring, recording, auditing, inspection and disclosing to security personnel and law enforcement personnel, as well as authorized officials of other agencies, both domestic and foreign. By using this system, the user consents to these actions. Unauthorized or improper use of this system may result in administrative disciplinary action and civil and criminal penalties. By accessing this system you indicate your awareness of and consent to these terms and conditions of use. Discontinue access immediately if you do not agree to the conditions stated in this notice. ============================================================================= debug3: receive packet: type 51 debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic,password debug3: preferred publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Trying private key: rsa debug3: sign_and_send_pubkey: RSA SHA256:zyxw debug3: send packet: type 50 debug2: we sent a publickey packet, wait for reply debug3: receive packet: type 51 debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug2: we did not send a packet, disable method debug3: authmethod_lookup password debug3: remaining preferred: ,password debug3: authmethod_is_enabled password debug1: Next authentication method: password debug3: failed to open file:c:/dev/tty error:3 debug1: read_passphrase: can't open /dev/tty: No such file or directory corp\johndoe@server333's password:
您似乎沒有在 SSH 主機伺服器上定義使用者名。
您仍然可以這樣做,但您必須定義
user
on SSH 配置文件,例如:vi ~/.ssh/config ... Host server333 HostName your-server333-ip User your-user IdentityFile your-private-key
然後您可以使用以下命令遠端伺服器:
ssh server333
注意:確保配置文件有
600
權限
您說您執行的命令與您實際執行的命令不同。
你說你做了什麼:
ssh -i johndoe_privatekey -vvv server333
你實際上做了什麼:
ssh -i johndoe_privatekey.pub -vvv server333
在這裡,我們看到 ssh 抱怨它找不到您指定的密鑰文件。
debug3: Failed to open file:C:/Users/johndoe/Desktop/johndoe_privatekey.pub.pub error:2 debug1: key_load_public: No such file or directory
從命令中刪除
.pub
後綴,確保密鑰文件確實存在,然後重試。