服务器 Gind.cn
  1. 服务器 Gind.cn
  3. 从OS X到Ubuntu的权限被拒绝(公钥)
Intereting Posts
PuTTY使用代理转发服务器链 在EC2 / Nginx /乘客performanceRMagick是可怕的 使用反向端口转发时,将客户端IPlogging在apache访问日志中 从远程SFTP密码错误,但不是从本地 不能绑定到端口,即使tcpview说它没有被使用 SSH – ChrootDirectory无法正常工作 在所有Linux和Unix中丢弃数据包 PCI RapidComply的XSS漏洞 导出Active Directory用户,组,OU Windows Server 2012 R2在旋转的蓝色Windows屏幕上重新启动时卡住 以太网电缆连同Dell电缆pipe理臂中的电源线 rsync两个大型存储服务器 什么可能导致“RTNETLINK答案:添加路由时没有这样的过程” 如何在Centos 6上获得openldap来将任何内容写入日志文件 子子域通配符redirect

从OS X到Ubuntu的权限被拒绝(公钥)

我知道这个问题已经被问了几次了,但是我不能在我的机器上工作,而且我觉得我已经尝试了一切。

我想用我的机器上的公钥从sshlogin到我的ubuntu机器 – 这样我就不必input密码了。

我总是总是被permission denied (publickey)

我用各种选项创build了新的密钥,似乎没有任何改变。

密码authentication工作正常 – 所以我没有被locking或任何东西,但我希望能够用SSH密钥login,如果我可以在我使用很多的计算机上。

这是我的日志: 

 `01 OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011 02 debug1: Reading configuration data /etc/ssh_config 03 debug1: /etc/ssh_config line 20: Applying options for * 04 debug1: Connecting to bcs.net.nz [203.167.215.130] port 22. 05 debug1: Connection established. 06 debug1: identity file /Users/jeff/.ssh/id_rsa type 1 07 debug1: identity file /Users/jeff/.ssh/id_rsa-cert type -1 08 debug1: identity file /Users/jeff/.ssh/id_dsa type -1 09 debug1: identity file /Users/jeff/.ssh/id_dsa-cert type -1 10 debug1: Enabling compatibility mode for protocol 2.0 11 debug1: Local version string SSH-2.0-OpenSSH_6.2 12 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 13 debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 pat OpenSSH* 14 debug1: SSH2_MSG_KEXINIT sent 15 debug1: SSH2_MSG_KEXINIT received 16 debug1: kex: server->client aes128-ctr [email protected] none 17 debug1: kex: client->server aes128-ctr [email protected] none 18 debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent 19 debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP 20 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent 21 debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY 22 debug1: Server host key: RSA 3b:2d:96:07:cf:f9:63:82:b1:3f:ae:5d:a0:83:24:84 23 debug1: Host 'bcs.net.nz' is known and matches the RSA host key. 24 debug1: Found key in /Users/jeff/.ssh/known_hosts:1 25 debug1: ssh_rsa_verify: signature correct 26 debug1: SSH2_MSG_NEWKEYS sent 27 debug1: expecting SSH2_MSG_NEWKEYS 28 debug1: SSH2_MSG_NEWKEYS received 29 debug1: Roaming not allowed by server 30 debug1: SSH2_MSG_SERVICE_REQUEST sent 31 debug1: SSH2_MSG_SERVICE_ACCEPT received 32 debug1: Authentications that can continue: publickey 33 debug1: Next authentication method: publickey 34 debug1: Offering RSA public key: /Users/jeff/.ssh/id_rsa 35 debug1: Authentications that can continue: publickey 36 debug1: Trying private key: /Users/jeff/.ssh/id_dsa 37 debug1: Next authentication method: keyboard-interactive 38 debug1: Authentications that can continue: publickey 39 debug1: No more authentication methods to try. 40 Permission denied (publickey,keyboard-interactive).`

我的客户端机器是具有~/.ssh/目录下的权限的Macbook Air

-rw------- 1 jeff staff 1675 2 Apr 22:32 id_rsa -rw------- 1 jeff staff 405 2 Apr 22:32 id_rsa.pub -rw------- 1 jeff staff 405 2 Apr 23:39 known_hosts

我的服务器机器在~/.ssh有这些

-rw------- 1 git git 1 Apr 2 23:36 authorized_keys

id_rsa.pub被复制到authorized_keys

我在智慧的结局,因为我已经尝试了这么多的组合:-)别的可以帮助吗?

========添加服务器日志======= 

 Apr 3 11:19:16 bcs sshd[19198]: debug1: Forked child 19300. Apr 3 11:19:16 bcs sshd[19300]: Set /proc/self/oom_score_adj to 0 Apr 3 11:19:16 bcs sshd[19300]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8 Apr 3 11:19:16 bcs sshd[19300]: debug1: inetd sockets after dupping: 3, 3 Apr 3 11:19:16 bcs sshd[19300]: Connection from 103.26.16.233 port 58988 on 172.16.1.102 port 22 Apr 3 11:19:16 bcs sshd[19300]: debug1: Client protocol version 2.0; client software version OpenSSH_6.2 Apr 3 11:19:16 bcs sshd[19300]: debug1: match: OpenSSH_6.2 pat OpenSSH* compat 0x04000000 Apr 3 11:19:16 bcs sshd[19300]: debug1: Enabling compatibility mode for protocol 2.0 Apr 3 11:19:16 bcs sshd[19300]: debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 Apr 3 11:19:16 bcs sshd[19300]: debug1: permanently_set_uid: 116/65534 [preauth] Apr 3 11:19:16 bcs sshd[19300]: debug1: list_hostkey_types: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 [preauth] Apr 3 11:19:16 bcs sshd[19300]: debug1: SSH2_MSG_KEXINIT sent [preauth] Apr 3 11:19:16 bcs sshd[19300]: debug1: SSH2_MSG_KEXINIT received [preauth] Apr 3 11:19:16 bcs sshd[19300]: debug1: kex: client->server aes128-ctr [email protected] none [preauth] Apr 3 11:19:16 bcs sshd[19300]: debug1: kex: server->client aes128-ctr [email protected] none [preauth] Apr 3 11:19:16 bcs sshd[19300]: debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth] Apr 3 11:19:16 bcs sshd[19300]: debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent [preauth] Apr 3 11:19:16 bcs sshd[19300]: debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT [preauth] Apr 3 11:19:16 bcs sshd[19300]: debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent [preauth] Apr 3 11:19:16 bcs sshd[19300]: debug1: SSH2_MSG_NEWKEYS sent [preauth] Apr 3 11:19:16 bcs sshd[19300]: debug1: expecting SSH2_MSG_NEWKEYS [preauth] Apr 3 11:19:16 bcs sshd[19300]: debug1: SSH2_MSG_NEWKEYS received [preauth] Apr 3 11:19:16 bcs sshd[19300]: debug1: KEX done [preauth] Apr 3 11:19:16 bcs sshd[19300]: debug1: userauth-request for user git service ssh-connection method none [preauth] Apr 3 11:19:16 bcs sshd[19300]: debug1: attempt 0 failures 0 [preauth] Apr 3 11:19:17 bcs sshd[19300]: reverse mapping checking getaddrinfo for 103-26-16-233.ufb.ff.net.nz [103.26.16.233] failed - POSSIBLE BREAK-IN ATTEMPT! Apr 3 11:19:17 bcs sshd[19300]: debug1: userauth-request for user git service ssh-connection method publickey [preauth] Apr 3 11:19:17 bcs sshd[19300]: debug1: attempt 1 failures 0 [preauth] Apr 3 11:19:17 bcs sshd[19300]: debug1: test whether pkalg/pkblob are acceptable [preauth] Apr 3 11:19:17 bcs sshd[19300]: debug1: temporarily_use_uid: 1008/1007 (e=0/0) Apr 3 11:19:17 bcs sshd[19300]: debug1: trying public key file /root/.ssh/authorized_keys Apr 3 11:19:17 bcs sshd[19300]: debug1: Could not open authorized keys '/root/.ssh/authorized_keys': Permission denied Apr 3 11:19:17 bcs sshd[19300]: debug1: restore_uid: 0/0 Apr 3 11:19:17 bcs sshd[19300]: Failed publickey for git from 103.26.16.233 port 58988 ssh2: RSA a3:40:f0:b3:8d:c7:fa:d2:6e:c4:53:93:1b:30:82:92 Apr 3 11:19:17 bcs sshd[19300]: Connection closed by 103.26.16.233 [preauth] Apr 3 11:19:17 bcs sshd[19300]: debug1: do_cleanup [preauth] Apr 3 11:19:17 bcs sshd[19300]: debug1: monitor_read_log: child log fd closed Apr 3 11:19:17 bcs sshd[19300]: debug1: do_cleanup Apr 3 11:19:17 bcs sshd[19300]: debug1: Killing privsep child 19301

在服务器的sshd_config中检查以下内容 

 PubkeyAuthentication yes AuthorizedKeysFile %h/.ssh/authorized_keys

出于某种原因,你的sshd试图打开/root/.ssh/authorized_keys文件(从你的sshd日志),虽然你试图用用户'git'login,所以它应该实际上读取/home/git/.ssh/ authorized_keys中。 我怀疑AuthorizedKeysFile条目是未configuration的。 通常,AuthorizedKeysFile条目不需要设置,因为它默认为上面的值。

将其添加到服务器上: 

 ssh-keygen -t dsa -N "" -f /etc/ssh/ssh_host_dsa_key ssh-keygen -t rsa -N "" -f /etc/ssh/ssh_host_rsa_key ssh-keygen -t ecdsa -N "" -f /etc/ssh/ssh_host_ecdsa_key