Estoy intentando configurar el acceso remoto desde mi nueva computadora portátil (cliente) a mi vieja computadora portátil (servidor). El antiguo se ejecuta en Linux Mint 21.2, el nuevo en Ubuntu 23.10.1. Creé un par de claves SSH en el cliente y luego las usé ssh-copy-id -i ~/.ssh/id_rsa.pub server-name@server_ippara obtener la clave pública de la lista de claves autorizadas en el servidor. Sin embargo, todavía se me solicita que ingrese AMBAS la frase de contraseña y la contraseña del servidor cuando me conecto al servidor a través de ssh. He seguido todos los consejos deaquí, es decir, verifiqué todos los permisos como se describe en la respuesta aceptada, luego realicé la depuración como se describe en la segunda respuesta; el registro de depuración no contiene líneas del formulario Authentication refused:. Mi directorio de inicio puede estar encriptado (el directorio de inicio de Linux Mint está encriptado de forma predeterminada), pero me pide la contraseña en cada inicio de sesión, no solo en el primero. A continuación se muestra el registro de depuración completo, desde el inicio de sesión hasta el cierre de sesión, con las claves SSH y las IP editadas:
debug1: sshd version OpenSSH_8.9, OpenSSL 3.0.2 15 Mar 2022
debug1: private host key #0: ssh-rsa SHA256:<...>
debug1: private host key #1: ecdsa-sha2-nistp256 SHA256:<...>
debug1: private host key #2: ssh-ed25519 SHA256:<...>
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-d'
debug1: rexec_argv[2]='-p'
debug1: rexec_argv[3]='2222'
debug1: Set /proc/self/oom_score_adj from 0 to -1000
debug1: Bind to port 2222 on 0.0.0.0.
Server listening on 0.0.0.0 port 2222.
debug1: Bind to port 2222 on ::.
Server listening on :: port 2222.
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
debug1: sshd version OpenSSH_8.9, OpenSSL 3.0.2 15 Mar 2022
debug1: private host key #0: ssh-rsa SHA256:<...>
debug1: private host key #1: ecdsa-sha2-nistp256 SHA256:<...>
debug1: private host key #2: ssh-ed25519 SHA256:<...>
debug1: inetd sockets after dupping: 3, 3
Connection from 192.168.0.117 port 44842 on 192.168.0.108 port 2222 rdomain ""
debug1: Local version string SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.7
debug1: Remote protocol version 2.0, remote software version OpenSSH_9.3p1 Ubuntu-1ubuntu3.3
debug1: compat_banner: match: OpenSSH_9.3p1 Ubuntu-1ubuntu3.3 pat OpenSSH* compat 0x04000000
debug1: permanently_set_uid: 129/65534 [preauth]
debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug1: kex: algorithm: [email protected] [preauth]
debug1: kex: host key algorithm: ssh-ed25519 [preauth]
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none [preauth]
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none [preauth]
debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
debug1: SSH2_MSG_KEX_ECDH_INIT received [preauth]
debug1: ssh_packet_send2_wrapped: resetting send seqnr 3 [preauth]
debug1: rekey out after 134217728 blocks [preauth]
debug1: SSH2_MSG_NEWKEYS sent [preauth]
debug1: Sending SSH2_MSG_EXT_INFO [preauth]
debug1: expecting SSH2_MSG_NEWKEYS [preauth]
debug1: ssh_packet_read_poll2: resetting read seqnr 3 [preauth]
debug1: SSH2_MSG_NEWKEYS received [preauth]
debug1: rekey in after 134217728 blocks [preauth]
debug1: KEX done [preauth]
debug1: userauth-request for user monsier-catastrophe service ssh-connection method none [preauth]
debug1: attempt 0 failures 0 [preauth]
debug1: PAM: initializing for "monsier-catastrophe"
debug1: PAM: setting PAM_RHOST to "<an_ip_was_here>"
debug1: PAM: setting PAM_TTY to "ssh"
debug1: userauth-request for user monsier-catastrophe service ssh-connection method publickey [preauth]
debug1: attempt 1 failures 0 [preauth]
debug1: userauth_pubkey: publickey test pkalg rsa-sha2-512 pkblob RSA SHA256:<...> [preauth]
debug1: temporarily_use_uid: 1000/1000 (e=0/0)
debug1: trying public key file /home/monsier-catastrophe/.ssh/authorized_keys
debug1: fd 4 clearing O_NONBLOCK
debug1: /home/monsier-catastrophe/.ssh/authorized_keys:1: matching key found: RSA SHA256:<...>
debug1: /home/monsier-catastrophe/.ssh/authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
Accepted key RSA SHA256:<...> found at /home/monsier-catastrophe/.ssh/authorized_keys:1
debug1: restore_uid: 0/0
Postponed publickey for monsier-catastrophe from <client_ip_was_here> port 44842 ssh2 [preauth]
debug1: userauth-request for user monsier-catastrophe service ssh-connection method password [preauth]
debug1: attempt 2 failures 0 [preauth]
debug1: PAM: password authentication accepted for monsier-catastrophe
debug1: do_pam_account: called
Accepted password for monsier-catastrophe from <client_ip> port 44842 ssh2
debug1: monitor_child_preauth: user monsier-catastrophe authenticated by privileged process
debug1: monitor_read_log: child log fd closed
debug1: PAM: establishing credentials
User child is on pid 36402
debug1: SELinux support disabled
debug1: PAM: establishing credentials
debug1: permanently_set_uid: 1000/1000
debug1: rekey in after 134217728 blocks
debug1: rekey out after 134217728 blocks
debug1: ssh_packet_set_postauth: called
debug1: active: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Entering interactive session for SSH2.
debug1: server_init_dispatch
debug1: server_input_channel_open: ctype session rchan 0 win 1048576 max 16384
debug1: input_session_request
debug1: channel 0: new [server-session]
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug1: server_input_global_request: rtype [email protected] want_reply 0
debug1: server_input_channel_req: channel 0 request pty-req reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req pty-req
debug1: Allocating pty.
debug1: session_new: session 0
debug1: SELinux support disabled
debug1: session_pty_req: session 0 alloc /dev/pts/2
debug1: server_input_channel_req: channel 0 request env reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req env
debug1: server_input_channel_req: channel 0 request env reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req env
debug1: server_input_channel_req: channel 0 request env reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req env
debug1: server_input_channel_req: channel 0 request env reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req env
debug1: server_input_channel_req: channel 0 request env reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req env
debug1: server_input_channel_req: channel 0 request env reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req env
debug1: server_input_channel_req: channel 0 request env reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req env
debug1: server_input_channel_req: channel 0 request env reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req env
debug1: server_input_channel_req: channel 0 request env reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req env
debug1: server_input_channel_req: channel 0 request env reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req env
debug1: server_input_channel_req: channel 0 request shell reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req shell
Starting session: shell on pts/2 for monsier-catastrophe from <client_ip_was_here> port 44842 id 0
debug1: Setting controlling tty using TIOCSCTTY.
debug1: Received SIGCHLD.
debug1: session_by_pid: pid 36403
debug1: session_exit_message: session 0 channel 0 pid 36403
debug1: session_exit_message: release channel 0
debug1: session_by_tty: session 0 tty /dev/pts/2
debug1: session_pty_cleanup2: session 0 release /dev/pts/2
Received disconnect from 192.168.0.117 port 44842:11: disconnected by user
Disconnected from user monsier-catastrophe <client_ip_was_here> port 44842
debug1: do_cleanup
debug1: temporarily_use_uid: 1000/1000 (e=1000/1000)
debug1: restore_uid: (unprivileged)
debug1: do_cleanup
debug1: PAM: cleanup
debug1: PAM: closing session
debug1: PAM: deleting credentials
debug1: temporarily_use_uid: 1000/1000 (e=0/0)
debug1: restore_uid: 0/0
debug1: audit_event: unhandled event 12
Respuesta1
verifique los permisos en su directorio de inicio; pruebe con un chmod 0700 en él. ssh-copy-id debería (!) haber hecho que los permisos en .ssh y autorizado_keys estén bien, pero verifique que tampoco estén abiertos.