我已經設定了一個 ssh 密鑰,並且希望僅使用密鑰連接到本地主機,無需密碼(注意:這只是一個測試;最終我想連接到內部 git 伺服器,其中發生了同樣的問題)。這是輸出ssh -v 本機
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /home/myusername/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/myusername/.ssh/id_rsa type 1
debug1: identity file /home/myusername/.ssh/id_rsa-cert type -1
debug1: identity file /home/myusername/.ssh/id_dsa type -1
debug1: identity file /home/myusername/.ssh/id_dsa-cert type -1
debug1: identity file /home/myusername/.ssh/id_ecdsa type -1
debug1: identity file /home/myusername/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/myusername/.ssh/id_ed25519 type -1
debug1: identity file /home/myusername/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.6
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.6
debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.6 pat OpenSSH_6.6.1* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr [email protected] none
debug1: kex: client->server aes128-ctr [email protected] none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA 7f:96:64:b2:df:f5:de:e8:af:ff:5d:da:5e:3d:e4:c1
debug1: Host 'localhost' is known and matches the ECDSA host key.
debug1: Found key in /home/myusername/.ssh/known_hosts:12
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/myusername/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/myusername/.ssh/id_dsa
debug1: Trying private key: /home/myusername/.ssh/id_ecdsa
debug1: Trying private key: /home/myusername/.ssh/id_ed25519
debug1: Next authentication method: password
我讀了幾篇關於類似問題的帖子,並檢查了一些提示:
- $HOME 目錄 (700)、.ssh (700) 和 .ssh/* (644,authorized_keys 和 id_rsa 除外,它們有 600) 權限應該正確
- 透過密碼連線有效
有趣的是,我的計算機明確表示它接受密鑰:
debug1: Server accepts key: pkalg ssh-rsa blen 279
編輯:對應的 auth.log 條目:
May 18 16:34:44 desktop-178 sshd[3330]: error: RSA_public_decrypt failed: error:0407006A:lib(4):func(112):reason(106)
May 18 16:34:52 desktop-178 sshd[3330]: Connection closed by 127.0.0.1 [preauth]
然而,最後我被要求輸入密碼。我該如何解決這個問題?
答案1
我會將其作為答案發布,因為它部分解決了問題,但我不滿意,因為我不明白出了什麼問題。
發現於:https://www.redhat.com/archives/rhl-list/2009-June/msg03099.html
如果我將私鑰的名稱更改為 id_rsa.old,然後使用 -i 標誌指定它,我就可以登入第一個主機。
我可以確認這是有效的,但這充其量只是一個麻煩,而且完全令人困惑。