在我的红帽服务器上,sshd将不接受我正确的证书login。 但是,如果我启动另一个端口上的另一个sshd,它的工作原理! (我假设第二个sshd加载相同的configuration文件。)
第二个sshd开头: sudo /usr/sbin/sshd -p 54321 -d #-d是可选的,并打印debugging输出
ssh strange-host -p 22 -vvv打印:
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug1: Offering public key: /home/me/.ssh/id_dsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug3: Wrote 528 bytes for a total of 2389 debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug2: we did not send a packet, disable method debug3: authmethod_lookup password
ssh strange-host -p 54321 -vvv打印:
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug1: Offering public key: /home/me/.ssh/id_dsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug3: Wrote 528 bytes for a total of 2389 debug1: Server accepts key: pkalg ssh-dss blen 433 debug2: input_userauth_pk_ok: SHA1 fp 0f:1c:df:27:f7:86:49:a8:47:7e:7f:f3:32:1c:7d:04:a3:73:a5:72
所以问题是为什么差异?
我想没有办法从“标准”sshd得到任何有用的日志logging来解决问题。
如果你启用dubug输出并比较结果,你会得到什么,例如
ssh -vvv user@host 'echo Done' 2>&1 > ssh_port22.log ssh -vvv -p 54321 user@host 'echo Done' 2>&1 > ssh_port54321.log diff ssh_port22.log ssh_port54321.log