这是我的拳头帮助,尽pipe是一个每日读者为了学习。
我正在Unix环境(Solaris和Aix服务器)上工作,我的公钥在几个月后突然停止工作。 我试图重新创build密钥,但仍然无法正常工作,下面是我已经完成的步骤:
cd cd .ssh ssh-keygen -t dsa (input nothing on 3 prompts just as did before) cat id_dsa.pub > authorized_keys 之后,我确实发送了所有文件到〜/ .ssh所需的服务器,并validation它在那里。 它没有工作。
我做了一个故障排除和:1.权限是好的:.ssh dir是700; 授权密钥是600(我尝试了许多权限)。 2. sshd_config只有这个条目:
ListenAddress 0.0.0.0 Protocol 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key SyslogFacility AUTH LogLevel INFO PermitRootLogin yes PrintMotd yes PidFile /etc/ssh/sshd.pid Banner /etc/issue Subsystem sftp /usr/sbin/sftp-server
我试图重新创build这些密钥多次…此外,我已经尝试创buildRSA密钥和authorized_keys2,都没有工作。 好奇的是,这是相同的configuration之前工作。 与其他Unix工具一样,SSH服务由此环境中的系统pipe理员pipe理。 这是我的ssh -vv输出,所以你可以帮助我:
/home/felipe/.ssh$ ssh -vv target_server OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to target_server [10.22.6.26] port 22. debug1: Connection established. debug1: identity file /home/felipe/.ssh/identity type -1 debug1: identity file /home/felipe/.ssh/id_rsa type -1 debug2: key_type_from_name: unknown key type '-----BEGIN' debug2: key_type_from_name: unknown key type '-----END' debug1: identity file /home/felipe/.ssh/id_dsa type 2 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.4 debug1: match: OpenSSH_5.4 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_3.9p1 debug2: fd 3 setting O_NONBLOCK debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,[email protected],aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,[email protected],aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,[email protected] debug2: kex_parse_kexinit: none,[email protected] debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_init: found hmac-md5 debug1: kex: server->client aes128-cbc hmac-md5 none debug2: mac_init: found hmac-md5 debug1: kex: client->server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug2: dh_gen_key: priv key bits set: 126/256 debug2: bits set: 492/1024 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 'target_server' is known and matches the RSA host key. debug1: Found key in /home/felipe/.ssh/known_hosts:1 debug2: bits set: 477/1024 debug1: ssh_rsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /home/felipe/.ssh/identity ((nil)) debug2: key: /home/felipe/.ssh/id_rsa ((nil)) debug2: key: /home/felipe/.ssh/id_dsa (0x866d380) "THIS SYSTEM IS AMERICAN EXPRESS (AXP) PROPERTY. THIS SYSTEM IS RESTRICTED TO AUTHORIZED INDIVIDUALS FOR BUSINESS PURPOSES. INDIVIDUALS SHOULD NOT HAVE AN EXPECTATION OF PRIVACY WHEN USING THIS SYSTEM. INDIVIDUALS RESPONSIBLE FOR UNAUTHORIZED ACCESS OR INAPPROPRIATE USE RESULTING IN DAMAGES TO AXP OR OTHERS MAY BE SUBJECT TO CIVIL OR CRIMINAL PROSECUTION. " debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Next authentication method: publickey debug1: Trying private key: /home/felipe/.ssh/identity debug1: Trying private key: /home/felipe/.ssh/id_rsa debug1: Offering public key: /home/felipe/.ssh/id_dsa debug2: we sent a publickey packet, wait for reply debug1: Authentications that can continue: publickey,password,keyboard-interactive debug2: we did not send a packet, disable method debug1: Next authentication method: keyboard-interactive debug2: userauth_kbdint debug2: we sent a keyboard-interactive packet, wait for reply debug1: Authentications that can continue: publickey,password,keyboard-interactive debug2: we did not send a packet, disable method debug1: Next authentication method: password felipe@target_server's password:
我需要的是login到服务器而不被提示密码。
提前感谢您的帮助!