这是从Ubuntu 16.04客户端输出的:
OpenSSH_7.2p2 Ubuntu-4, OpenSSL 1.0.2g-fips 1 Mar 2016 debug1: Reading configuration data /home/manuth/.ssh/config debug1: /home/manuth/.ssh/config line 1: Applying options for r2d2.manuth.life debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug1: Connecting to r2d2.manuth.life [103.12.163.90] port 900. debug1: Connection established. debug1: identity file /home/manuth/.ssh/dqar-rsa type 1 debug1: key_load_public: No such file or directory debug1: identity file /home/manuth/.ssh/dqar-rsa-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4 ssh_exchange_identification: Connection closed by remote host /home/manuth/.ssh/dqar-rsa的path和权限也是正确的:
$ ls -l /home/manuth/.ssh/dqar-rsa* -rw------- 1 manuth manuth 3243 Nov 7 11:27 /home/manuth/.ssh/dqar-rsa -rw-r--r-- 1 manuth manuth 740 Nov 7 11:27 /home/manuth/.ssh/dqar-rsa.pub
~/.ssh/config这个主机的入口是:
host r2d2.manuth.life IdentityFile ~/.ssh/dqar-rsa Port 900 IdentitiesOnly yes ForwardX11 yes
如果我尝试对IdentityFile行进行注释,它甚至不会读取~/.ssh任何id_* :
OpenSSH_7.2p2 Ubuntu-4, OpenSSL 1.0.2g-fips 1 Mar 2016 debug1: Reading configuration data /home/manuth/.ssh/config debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug1: Connecting to r2d2.manuth.life [103.12.163.90] port 900. debug1: Connection established. debug1: identity file /home/manuth/.ssh/id_rsa type 1 debug1: key_load_public: No such file or directory debug1: identity file /home/manuth/.ssh/id_rsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/manuth/.ssh/id_dsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/manuth/.ssh/id_dsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/manuth/.ssh/id_ecdsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/manuth/.ssh/id_ecdsa-cert type -1 debug1: identity file /home/manuth/.ssh/id_ed25519 type 4 debug1: key_load_public: No such file or directory debug1: identity file /home/manuth/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4 ssh_exchange_identification: Connection closed by remote host
这似乎突然出现在今天。
编辑:里面的内容~/.ssh :
$ ls -la insgesamt 36 drwx------ 2 manuth manuth 4096 Nov 7 16:28 . drwxr-xr-x 53 manuth manuth 4096 Nov 7 13:31 .. -rw-r--r-- 1 manuth manuth 805 Nov 7 12:10 authorized_keys -rw-r--r-- 1 manuth manuth 543 Nov 7 13:47 config -rw------- 1 manuth manuth 411 Nov 7 12:10 dqar-ed25519 -rw-r--r-- 1 manuth manuth 96 Nov 7 12:10 dqar-ed25519.pub -rw------- 1 manuth manuth 3243 Nov 7 12:10 dqar-rsa -rw-r--r-- 1 manuth manuth 740 Nov 7 12:10 dqar-rsa.pub -rw-r--r-- 1 manuth manuth 1990 Nov 7 15:14 known_hosts
编辑2:嗯,控制台输出是几行:
Nov 7 13:51:32 dqar sshd [11316]: fatal: Missing privilege separation directory: /var/empty
有问题的服务器是FreeBSD 10.3。
debug1: identity file /home/manuth/.ssh/dqar-rsa type 1
说它成功地读取文件。 失败是在别的地方。
ssh_exchange_identification: Connection closed by remote host
这是真正的问题。 出于某种原因,您无法build立到远程主机的SSH连接。 您可能使用/etc/hosts.deny将其列入黑名单,或者由于其他原因(缺less目录,磁盘故障,完整磁盘等),服务器无法接受连接并启动SSH协议。 来自服务器的日志会告诉你更多。
Nov 7 13:51:32 dqar sshd [11316]: fatal: Missing privilege separation directory: /var/empty
很多解释。 如果由于某些原因删除了该目录并设置了适当的权限(不能由除root以外的任何其他用户写入),则需要创build该目录。
所以原因是,不知何故,没有/var/empty 。 我从这个论坛post创build了它(我知道它是针对Juniper的,但是它也适用于这个FreeBSD): http : //forums.juniper.net/t5/Ethernet-Switching/Missing-privilege-separation-directory-var -empty / TD-p / 173832