Windows Server 2016에서 인증 문제가 있습니다.
개인 키로 인증하는 SSH를 통해 연결해야 하는 로컬 사용자(관리자가 아님)를 만들었습니다.
Windows Server 2016에는 OpenSSH 기능을 설치할 수 없으므로 다음을 따랐습니다.이 가이드다음에서 최신 OpenSSH 빌드를 성공적으로 설치했습니다.PowerShell github 저장소. Windows Server 서비스에서 "OpenSSH SSH 서버"가 올바르게 실행되고 있으며 자동 시작으로 설정되어 있습니다.
또한 고급 보안이 포함된 Windows 방화벽에서 특정 IP에서만 포트 22를 통한 연결을 허용하는 특정 인바운드 규칙을 만들었습니다. 실제로 사용자 이름과 비밀번호를 사용한 표준 인증은 Putty와 WinSCP 모두에서 작동합니다.
사용자의 공개 키를 user(나중에 이라고 함) 기본 디렉터리 내부의 ".ssh" 폴더에 있는 "authorized_keys" 파일에 넣었습니다 username1. 수동으로(폴더 생성 및 파일 복사) 시도와 WinSCP "서버에 공개 키 설치" 기능을 모두 사용해 보았습니다. 두 경우 모두 결과는 동일합니다.
폴더에는 인증이 필요한 관리자와 로컬 사용자 모두에 대한 읽기 및 쓰기 권한이 있습니다. 키의 형식은 "ssh-rsa XXXXXXX rsa-key-YYYYMMDD"입니다.
마지막으로 WinSCP 내부 SSH -> 인증 탭에 개인 키를 삽입하고 연결을 시도했습니다. 다음과 같은 "서버가 키를 거부했습니다" 오류가 발생했습니다.
WinSCP와 Putty 모두에서 동일한 오류가 발생했습니다. 테스트 목적으로 새 개인/공개 키를 생성하고 동일한 공개 키를 사용하여 "C:\ProgramData\ssh"에 "administrators_authorized_keys" 파일을 생성했지만 동일한 오류가 발생합니다. 파일 권한에 문제가 있는 것 같습니다.
내가 무엇을 놓치고 있는지 알 수 없습니다. 많은 질문을 읽었지만 모두 Linux 인스턴스에 관한 것입니다. 누군가 나를 도와줄 수 있나요?
이것은 WinSCP 로그입니다:
2019-12-17 14:16:03.852 --------------------------------------------------------------------------
2019-12-17 14:16:03.889 Looking up host "XXX.XXX.XXX.X" for SSH connection
2019-12-17 14:16:03.889 Connecting to XXX.XXX.XXX.X port 22
2019-12-17 14:16:03.936 Selecting events 63 for socket 1788
2019-12-17 14:16:03.936 We claim version: SSH-2.0-WinSCP_release_5.15.9
2019-12-17 14:16:03.960 Waiting for the server to continue with the initialization
2019-12-17 14:16:03.961 Looking for incoming data
2019-12-17 14:16:03.961 Looking for network events
2019-12-17 14:16:03.961 Detected network event
2019-12-17 14:16:03.961 Enumerating network events for socket 1788
2019-12-17 14:16:03.961 Enumerated 18 network events making 18 cumulative events for socket 1788
2019-12-17 14:16:03.961 Handling network write event on socket 1788 with error 0
2019-12-17 14:16:03.961 Handling network connect event on socket 1788 with error 0
2019-12-17 14:16:03.961 Looking for network events
2019-12-17 14:16:04.026 Detected network event
2019-12-17 14:16:04.026 Enumerating network events for socket 1788
2019-12-17 14:16:04.026 Enumerated 1 network events making 1 cumulative events for socket 1788
2019-12-17 14:16:04.026 Handling network read event on socket 1788 with error 0
2019-12-17 14:16:04.027 Server version: SSH-2.0-OpenSSH_for_Windows_8.0
2019-12-17 14:16:04.027 Using SSH protocol version 2
2019-12-17 14:16:04.027 Have a known host key of type ssh-ed25519
2019-12-17 14:16:04.028 Waiting for the server to continue with the initialization
2019-12-17 14:16:04.028 Looking for incoming data
2019-12-17 14:16:04.028 Looking for network events
2019-12-17 14:16:04.078 Detected network event
2019-12-17 14:16:04.078 Enumerating network events for socket 1788
2019-12-17 14:16:04.078 Enumerated 1 network events making 1 cumulative events for socket 1788
2019-12-17 14:16:04.078 Handling network read event on socket 1788 with error 0
2019-12-17 14:16:04.079 Doing ECDH key exchange with curve Curve25519 and hash SHA-256
2019-12-17 14:16:04.103 Waiting for the server to continue with the initialization
2019-12-17 14:16:04.103 Looking for incoming data
2019-12-17 14:16:04.103 Looking for network events
2019-12-17 14:16:04.151 Detected network event
2019-12-17 14:16:04.151 Enumerating network events for socket 1788
2019-12-17 14:16:04.151 Enumerated 1 network events making 1 cumulative events for socket 1788
2019-12-17 14:16:04.151 Handling network read event on socket 1788 with error 0
2019-12-17 14:16:04.529 Server also has ecdsa-sha2-nistp256/ssh-rsa host keys, but we don't know any of them
2019-12-17 14:16:04.531 Host key fingerprint is:
2019-12-17 14:16:04.531 ssh-ed25519 256 XXXXXXXXX
2019-12-17 14:16:04.531 Verifying host key ssh-ed25519 XXXXXXXXXXX
2019-12-17 14:16:04.572 Host key matches cached key
2019-12-17 14:16:04.572 Selecting events 63 for socket 1788
2019-12-17 14:16:04.572 Initialised AES-256 SDCTR client->server encryption
2019-12-17 14:16:04.572 Initialised HMAC-SHA-256 client->server MAC algorithm
2019-12-17 14:16:04.572 Initialised AES-256 SDCTR server->client encryption
2019-12-17 14:16:04.572 Initialised HMAC-SHA-256 server->client MAC algorithm
2019-12-17 14:16:04.572 Waiting for the server to continue with the initialization
2019-12-17 14:16:04.572 Looking for incoming data
2019-12-17 14:16:04.572 Looking for network events
2019-12-17 14:16:04.746 Detected network event
2019-12-17 14:16:04.746 Enumerating network events for socket 1788
2019-12-17 14:16:04.746 Enumerated 1 network events making 1 cumulative events for socket 1788
2019-12-17 14:16:04.746 Handling network read event on socket 1788 with error 0
2019-12-17 14:16:04.746 Reading key file "C:\Users\username1\Desktop\private.ppk"
! 2019-12-17 14:16:04.748 Using username1 "USERNAME1".
2019-12-17 14:16:04.783 Waiting for the server to continue with the initialization
2019-12-17 14:16:04.783 Looking for incoming data
2019-12-17 14:16:04.783 Looking for network events
2019-12-17 14:16:04.847 Detected network event
2019-12-17 14:16:04.847 Enumerating network events for socket 1788
2019-12-17 14:16:04.847 Enumerated 1 network events making 1 cumulative events for socket 1788
2019-12-17 14:16:04.847 Handling network read event on socket 1788 with error 0
2019-12-17 14:16:04.847 Server offered these authentication methods: publickey,password,keyboard-interactive
2019-12-17 14:16:04.847 Offered public key
2019-12-17 14:16:04.847 Waiting for the server to continue with the initialization
2019-12-17 14:16:04.847 Looking for incoming data
2019-12-17 14:16:04.847 Looking for network events
2019-12-17 14:16:04.923 Detected network event
2019-12-17 14:16:04.923 Enumerating network events for socket 1788
2019-12-17 14:16:04.923 Enumerated 1 network events making 1 cumulative events for socket 1788
2019-12-17 14:16:04.923 Handling network read event on socket 1788 with error 0
! 2019-12-17 14:16:04.923 Server refused our key
2019-12-17 14:16:04.937 Server refused our key
2019-12-17 14:16:04.937 Server offered these authentication methods: publickey,password,keyboard-interactive
2019-12-17 14:16:04.938 Attempting keyboard-interactive authentication
2019-12-17 14:16:04.938 Waiting for the server to continue with the initialization
2019-12-17 14:16:04.938 Looking for incoming data
2019-12-17 14:16:04.938 Looking for network events
2019-12-17 14:16:05.004 Detected network event
2019-12-17 14:16:05.005 Enumerating network events for socket 1788
2019-12-17 14:16:05.005 Enumerated 1 network events making 1 cumulative events for socket 1788
2019-12-17 14:16:05.005 Handling network read event on socket 1788 with error 0
2019-12-17 14:16:05.005 Server refused keyboard-interactive authentication
2019-12-17 14:16:05.005 Server offered these authentication methods: publickey,password,keyboard-interactive
2019-12-17 14:16:05.005 Prompt (password, "SSH password", <no instructions>, "&Password: ")
OpenSSH 로그는 다음과 같습니다.
3356 2019-12-17 19:31:44.650 debug1: inetd sockets after dupping: 4, 4
3356 2019-12-17 19:31:44.650 Connection from X.XX.XX.XXX port 54728 on 10.0.0.2 port 22
3356 2019-12-17 19:31:44.650 debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.0
3356 2019-12-17 19:31:44.650 debug1: Remote protocol version 2.0, remote software version WinSCP_release_5.15.9
3356 2019-12-17 19:31:44.650 debug1: no match: WinSCP_release_5.15.9
3356 2019-12-17 19:31:44.650 debug2: fd 4 setting O_NONBLOCK
3356 2019-12-17 19:31:44.666 debug3: spawning "C:\\Program Files\\OpenSSH\\sshd.exe" -y
3356 2019-12-17 19:31:44.666 debug2: Network child is on pid 4660
3356 2019-12-17 19:31:44.666 debug3: send_rexec_state: entering fd = 6 config len 289
3356 2019-12-17 19:31:44.666 debug3: ssh_msg_send: type 0
3356 2019-12-17 19:31:44.666 debug3: send_rexec_state: done
3356 2019-12-17 19:31:44.666 debug3: ssh_msg_send: type 0
3356 2019-12-17 19:31:44.666 debug3: ssh_msg_send: type 0
3356 2019-12-17 19:31:44.666 debug3: preauth child monitor started
3356 2019-12-17 19:31:44.681 debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
3356 2019-12-17 19:31:44.681 debug3: send packet: type 20 [preauth]
3356 2019-12-17 19:31:44.681 debug1: SSH2_MSG_KEXINIT sent [preauth]
3356 2019-12-17 19:31:44.744 debug3: receive packet: type 20 [preauth]
3356 2019-12-17 19:31:44.744 debug1: SSH2_MSG_KEXINIT received [preauth]
3356 2019-12-17 19:31:44.744 debug2: local server KEXINIT proposal [preauth]
3356 2019-12-17 19:31:44.744 debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1 [preauth]
3356 2019-12-17 19:31:44.744 debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
3356 2019-12-17 19:31:44.744 debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected] [preauth]
3356 2019-12-17 19:31:44.744 debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected] [preauth]
3356 2019-12-17 19:31:44.744 debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
3356 2019-12-17 19:31:44.744 debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
3356 2019-12-17 19:31:44.744 debug2: compression ctos: none [preauth]
3356 2019-12-17 19:31:44.744 debug2: compression stoc: none [preauth]
3356 2019-12-17 19:31:44.744 debug2: languages ctos: [preauth]
3356 2019-12-17 19:31:44.744 debug2: languages stoc: [preauth]
3356 2019-12-17 19:31:44.744 debug2: first_kex_follows 0 [preauth]
3356 2019-12-17 19:31:44.744 debug2: reserved 0 [preauth]
3356 2019-12-17 19:31:44.744 debug2: peer client KEXINIT proposal [preauth]
3356 2019-12-17 19:31:44.744 debug2: KEX algorithms: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,rsa2048-sha256,rsa1024-sha1,diffie-hellman-group1-sha1 [preauth]
3356 2019-12-17 19:31:44.744 debug2: host key algorithms: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss [preauth]
3356 2019-12-17 19:31:44.744 debug2: ciphers ctos: aes256-ctr,aes256-cbc,[email protected],aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,[email protected],blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128 [preauth]
3356 2019-12-17 19:31:44.744 debug2: ciphers stoc: aes256-ctr,aes256-cbc,[email protected],aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,[email protected],blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128 [preauth]
3356 2019-12-17 19:31:44.744 debug2: MACs ctos: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,[email protected],[email protected],[email protected],[email protected] [preauth]
3356 2019-12-17 19:31:44.744 debug2: MACs stoc: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,[email protected],[email protected],[email protected],[email protected] [preauth]
3356 2019-12-17 19:31:44.744 debug2: compression ctos: none,zlib [preauth]
3356 2019-12-17 19:31:44.744 debug2: compression stoc: none,zlib [preauth]
3356 2019-12-17 19:31:44.744 debug2: languages ctos: [preauth]
3356 2019-12-17 19:31:44.744 debug2: languages stoc: [preauth]
3356 2019-12-17 19:31:44.744 debug2: first_kex_follows 0 [preauth]
3356 2019-12-17 19:31:44.744 debug2: reserved 0 [preauth]
3356 2019-12-17 19:31:44.744 debug1: kex: algorithm: [email protected] [preauth]
3356 2019-12-17 19:31:44.744 debug1: kex: host key algorithm: ssh-ed25519 [preauth]
3356 2019-12-17 19:31:44.744 debug1: kex: client->server cipher: aes256-ctr MAC: hmac-sha2-256 compression: none [preauth]
3356 2019-12-17 19:31:44.744 debug1: kex: server->client cipher: aes256-ctr MAC: hmac-sha2-256 compression: none [preauth]
3356 2019-12-17 19:31:44.744 debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
3356 2019-12-17 19:31:44.822 debug3: receive packet: type 30 [preauth]
3356 2019-12-17 19:31:44.822 debug3: mm_sshkey_sign entering [preauth]
3356 2019-12-17 19:31:44.822 debug3: mm_request_send entering: type 6 [preauth]
3356 2019-12-17 19:31:44.822 debug3: mm_request_receive entering
3356 2019-12-17 19:31:44.822 debug3: monitor_read: checking request 6
3356 2019-12-17 19:31:44.822 debug3: mm_answer_sign
3356 2019-12-17 19:31:44.822 debug3: mm_answer_sign: hostkey proof signature 000001D8B28BAFA0(83)
3356 2019-12-17 19:31:44.822 debug3: mm_request_send entering: type 7
3356 2019-12-17 19:31:44.822 debug2: monitor_read: 6 used once, disabling now
3356 2019-12-17 19:31:44.822 debug3: mm_sshkey_sign: waiting for MONITOR_ANS_SIGN [preauth]
3356 2019-12-17 19:31:44.822 debug3: mm_request_receive_expect entering: type 7 [preauth]
3356 2019-12-17 19:31:44.822 debug3: mm_request_receive entering [preauth]
3356 2019-12-17 19:31:44.822 debug3: send packet: type 31 [preauth]
3356 2019-12-17 19:31:44.822 debug3: send packet: type 21 [preauth]
3356 2019-12-17 19:31:44.822 debug2: set_newkeys: mode 1 [preauth]
3356 2019-12-17 19:31:44.822 debug1: rekey out after 4294967296 blocks [preauth]
3356 2019-12-17 19:31:44.822 debug1: SSH2_MSG_NEWKEYS sent [preauth]
3356 2019-12-17 19:31:44.822 debug1: expecting SSH2_MSG_NEWKEYS [preauth]
3356 2019-12-17 19:31:45.338 debug3: receive packet: type 21 [preauth]
3356 2019-12-17 19:31:45.338 debug1: SSH2_MSG_NEWKEYS received [preauth]
3356 2019-12-17 19:31:45.338 debug2: set_newkeys: mode 0 [preauth]
3356 2019-12-17 19:31:45.338 debug1: rekey in after 4294967296 blocks [preauth]
3356 2019-12-17 19:31:45.338 debug1: KEX done [preauth]
3356 2019-12-17 19:31:45.416 debug3: receive packet: type 5 [preauth]
3356 2019-12-17 19:31:45.416 debug3: send packet: type 6 [preauth]
3356 2019-12-17 19:31:45.494 debug3: receive packet: type 50 [preauth]
3356 2019-12-17 19:31:45.494 debug1: userauth-request for user username1 service ssh-connection method none [preauth]
3356 2019-12-17 19:31:45.494 debug1: attempt 0 failures 0 [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_getpwnamallow entering [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_request_send entering: type 8 [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_request_receive_expect entering: type 9 [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_request_receive entering [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_request_receive entering
3356 2019-12-17 19:31:45.494 debug3: monitor_read: checking request 8
3356 2019-12-17 19:31:45.494 debug3: mm_answer_pwnamallow
3356 2019-12-17 19:31:45.494 debug2: parse_server_config: config reprocess config len 289
3356 2019-12-17 19:31:45.494 debug3: checking match for 'Group administrators' user username1 host X.XX.XX.XXX addr X.XX.XX.XXX laddr 10.0.0.2 lport 22
3356 2019-12-17 19:31:45.494 debug3: LsaLogonUser Succeeded (Impersonation: 0)
3356 2019-12-17 19:31:45.494 debug1: user username1 does not match group list administrators at line 87
3356 2019-12-17 19:31:45.494 debug3: match not found
3356 2019-12-17 19:31:45.494 debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1
3356 2019-12-17 19:31:45.494 debug3: mm_request_send entering: type 9
3356 2019-12-17 19:31:45.494 debug2: monitor_read: 8 used once, disabling now
3356 2019-12-17 19:31:45.494 debug2: input_userauth_request: setting up authctxt for username1 [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_inform_authserv entering [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_request_send entering: type 4 [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_request_receive entering
3356 2019-12-17 19:31:45.494 debug3: monitor_read: checking request 4
3356 2019-12-17 19:31:45.494 debug3: mm_answer_authserv: service=ssh-connection, style=
3356 2019-12-17 19:31:45.494 debug2: monitor_read: 4 used once, disabling now
3356 2019-12-17 19:31:45.494 debug2: input_userauth_request: try method none [preauth]
3356 2019-12-17 19:31:45.494 debug3: user_specific_delay: user specific delay 0.000ms [preauth]
3356 2019-12-17 19:31:45.494 debug3: ensure_minimum_time_since: elapsed 0.000ms, delaying 8.286ms (requested 8.286ms) [preauth]
3356 2019-12-17 19:31:45.510 debug3: userauth_finish: failure partial=0 next methods="publickey,password,keyboard-interactive" [preauth]
3356 2019-12-17 19:31:45.510 debug3: send packet: type 51 [preauth]
3356 2019-12-17 19:31:45.556 debug3: receive packet: type 50 [preauth]
3356 2019-12-17 19:31:45.556 debug1: userauth-request for user username1 service ssh-connection method publickey [preauth]
3356 2019-12-17 19:31:45.556 debug1: attempt 1 failures 0 [preauth]
3356 2019-12-17 19:31:45.556 debug2: input_userauth_request: try method publickey [preauth]
3356 2019-12-17 19:31:45.556 debug2: userauth_pubkey: valid user username1 querying public key ssh-rsa XXXXXXXXXXX [preauth]
3356 2019-12-17 19:31:45.556 debug1: userauth_pubkey: test pkalg ssh-rsa pkblob RSA SHA256:XXXXXXX [preauth]
3356 2019-12-17 19:31:45.556 debug3: mm_key_allowed entering [preauth]
3356 2019-12-17 19:31:45.556 debug3: mm_request_send entering: type 22 [preauth]
3356 2019-12-17 19:31:45.556 debug3: mm_request_receive entering
3356 2019-12-17 19:31:45.556 debug3: monitor_read: checking request 22
3356 2019-12-17 19:31:45.556 debug3: mm_answer_keyallowed entering
3356 2019-12-17 19:31:45.556 debug3: mm_answer_keyallowed: key_from_blob: 000001D8B28BF1C0
3356 2019-12-17 19:31:45.556 debug1: trying public key file C:\\Users\\username1\\.ssh/authorized_keys
3356 2019-12-17 19:31:45.556 debug3: Bad permissions. Try removing permissions for user: VM-EPM\\username2 (S-1-5-21-3826319457-1004635287-1909893433-1001) on file C:/Users/username1/.ssh/authorized_keys.
3356 2019-12-17 19:31:45.556 Authentication refused.
3356 2019-12-17 19:31:45.556 debug3: mm_answer_keyallowed: publickey authentication test: RSA key is not allowed
3356 2019-12-17 19:31:45.556 Failed publickey for username1 from X.XX.XX.XXX port 54728 ssh2: RSA SHA256:o8b9CXuYPzNSz6M/rsN+XAQHqEcdPwWasDglinXbtig
3356 2019-12-17 19:31:45.556 debug3: mm_request_send entering: type 23
3356 2019-12-17 19:31:45.556 debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED [preauth]
3356 2019-12-17 19:31:45.556 debug3: mm_request_receive_expect entering: type 23 [preauth]
3356 2019-12-17 19:31:45.556 debug3: mm_request_receive entering [preauth]
3356 2019-12-17 19:31:45.556 debug2: userauth_pubkey: authenticated 0 pkalg ssh-rsa [preauth]
3356 2019-12-17 19:31:45.556 debug3: user_specific_delay: user specific delay 0.000ms [preauth]
3356 2019-12-17 19:31:45.556 debug3: ensure_minimum_time_since: elapsed 0.000ms, delaying 8.286ms (requested 8.286ms) [preauth]
3356 2019-12-17 19:31:45.572 debug3: userauth_finish: failure partial=0 next methods="publickey,password,keyboard-interactive" [preauth]
3356 2019-12-17 19:31:45.572 debug3: send packet: type 51 [preauth]
3356 2019-12-17 19:31:45.666 debug3: receive packet: type 50 [preauth]
3356 2019-12-17 19:31:45.666 debug1: userauth-request for user username1 service ssh-connection method keyboard-interactive [preauth]
3356 2019-12-17 19:31:45.666 debug1: attempt 2 failures 1 [preauth]
3356 2019-12-17 19:31:45.666 debug2: input_userauth_request: try method keyboard-interactive [preauth]
3356 2019-12-17 19:31:45.666 debug1: keyboard-interactive devs [preauth]
3356 2019-12-17 19:31:45.666 debug1: auth2_challenge: user=username1 devs= [preauth]
3356 2019-12-17 19:31:45.666 debug1: kbdint_alloc: devices '' [preauth]
3356 2019-12-17 19:31:45.666 debug2: auth2_challenge_start: devices [preauth]
3356 2019-12-17 19:31:45.666 debug3: user_specific_delay: user specific delay 0.000ms [preauth]
3356 2019-12-17 19:31:45.666 debug3: ensure_minimum_time_since: elapsed 0.000ms, delaying 8.286ms (requested 8.286ms) [preauth]
3356 2019-12-17 19:31:45.681 debug3: userauth_finish: failure partial=0 next methods="publickey,password,keyboard-interactive" [preauth]
3356 2019-12-17 19:31:45.681 debug3: send packet: type 51 [preauth]
두 로그 모두에서 username1연결해야 하는 로컬 사용자는 username2관리자(가 아님 SYSTEM)입니다.
감사해요,
안드레아
답변1
나는 이 메시지가 매우 분명하다고 믿습니다.
3356 2019-12-17 19:31:45.556 debug3: 권한이 잘못되었습니다. C:/Users/username1/.ssh/authorized_keys 파일에서 사용자 VM-EPM\username2(S-1-5-21-3826319457-1004635287-1909893433-1001)에 대한 권한을 제거해 보세요.
사용자 자신( username1)을 제외한 다른 사용자는 파일에 대한 쓰기 권한을 가질 수 없습니다 authorized_keys.
섹션도 참조하세요."SSH 공개 키 인증 설정"Windows OpenSSH에 대한 내 기사에서.