系统configuration:
MAC Version : 10.10.5 uname -a Darwin xxxxx-xxxx 14.5.0 Darwin Kernel Version 14.5.0: Tue Sep 1 21:23:09 PDT 2015; root:xnu-2782.50.1~1/RELEASE_X86_64 x86_64 问题:
无法使用用户模式使用SSH私钥连接到服务器。 但是具有相同SSH密钥(与用户位置相同)的相同命令对于根authentication正常工作。
输出日志失败(用户级命令):
> ssh -v -2A 198.18.144.158 OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011 debug1: Reading configuration data /Users/userxyz/.ssh/config debug1: Reading configuration data /etc/ssh_config debug1: Connecting to 198.18.144.158 [198.18.144.158] port 22. debug1: Connection established. debug1: identity file /Users/userxyz/.ssh/internal/2009-01-01.ppk type -1 debug1: identity file /Users/userxyz/.ssh/internal/2009-01-01.ppk-cert type -1 debug1: identity file /Users/userxyz/.ssh/internal/2009-01-01.ppk type -1 debug1: identity file /Users/userxyz/.ssh/internal/2009-01-01.ppk-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.2 debug1: Remote protocol version 2.0, remote software version Server-VIII-hpn14v2 debug1: no match: Server-VIII-hpn14v2 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr [email protected] none debug1: kex: client->server aes128-ctr [email protected] none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Server host key: DSA ee:33:bd:ac:7b:6e:bd:0b:60:6e:49:20:56:cb:00:d3 debug1: Host '198.18.144.158' is known and matches the DSA host key. debug1: Found key in /Users/userxyz/.ssh/known_hosts:1 debug1: ssh_dss_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Offering RSA public key: /Users/userxyz/.ssh/internal/2009-01-01.ppk debug1: Authentications that can continue: publickey debug1: Trying private key: /Users/kimanjun/.ssh/internal/2015-11-16.ppk debug1: key_parse_private_pem: PEM_read_PrivateKey failed debug1: read PEM private key done: type <unknown> debug1: No more authentication methods to try. Permission denied (publickey).
用户级别configuration更改
pwd /Users/userxyz/.ssh > cat config IdentityFile ~/.ssh/internal/2009-01-01.ppk >
成功输出日志(根级命令):
sudo ssh -v -2A 198.18.144.158 Password: OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011 debug1: Reading configuration data /etc/ssh_config debug1: Connecting to 198.18.144.158 [198.18.144.158] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: identity file /Users/userxyz/.ssh/internal/2009-01-01.ppk type -1 debug1: identity file /Users/userxyz/.ssh/internal/2009-01-01.ppk-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.2 debug1: Remote protocol version 2.0, remote software version Server-VIII-hpn14v2 debug1: no match: Server-VIII-hpn14v2 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr [email protected] none debug1: kex: client->server aes128-ctr [email protected] none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Server host key: DSA ee:33:bd:ac:7b:6e:bd:0b:60:6e:49:20:56:cb:00:d3 debug1: Host '198.18.144.158' is known and matches the DSA host key. debug1: Found key in /var/root/.ssh/known_hosts:1 debug1: ssh_dss_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Offering RSA public key: /Users/userxyz/.ssh/internal/2009-01-01.ppk debug1: Server accepts key: pkalg ssh-rsa blen 279 debug1: Authentication succeeded (publickey). Authenticated to 198.18.144.158 ([198.18.144.158]:22). debug1: channel 0: new [client-session] debug1: Entering interactive session. debug1: SSH2_MSG_KEXINIT received debug1: SSH2_MSG_KEXINIT sent debug1: kex: server->client aes128-ctr [email protected] none debug1: kex: client->server aes128-ctr [email protected] none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Server host key: DSA ee:33:bd:ac:7b:6e:bd:0b:60:6e:49:20:56:cb:00:d3 debug1: Host '198.18.144.158' is known and matches the DSA host key. debug1: Found key in /var/root/.ssh/known_hosts:1 debug1: ssh_dss_verify: signature correct debug1: set_newkeys: rekeying debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: set_newkeys: rekeying debug1: SSH2_MSG_NEWKEYS received debug1: Requesting authentication agent forwarding. This is a private system. No unauthorized use is permitted; if you are not an authorized user, please log off now. [email protected]:~# exit
根级configuration更改:
我已经改变了根级ssh_config指向用户级别帐户的私钥,而不是默认的rsa密钥。
我曾经尝试过:
一个。 尝试不同的权限的.ssh和internal在用户级别的文件夹,但不影响。
湾 尝试了ssh-add但看到输出看起来确定。
C。 在用户级别和根级别检查了known_hosts,看起来完全相同。
不知道是什么原因造成的问题 – 因为在根级我能够validation密钥,并在用户级别不能做到这一点。
任何帮助是受欢迎的。
既然你没有在你的ssh命令行上指定一个特定的用户名:当你使用sudo和普通的OSX用户userxyz (或者kimanjun或者kimanjun什么)的时候,你用远程系统上的root用户userxyz 。
尝试ssh [email protected]当你省略sudo或ssh -l root 198.18.144.158 。
如果您不想以root身份login,请使用正确的远程login名,并设置正确的SSH密钥。