Windows Server 2016 上的 SSH 日誌記錄 - 「伺服器拒絕我們的金鑰

Windows Server 2016 上的 SSH 日誌記錄 - 「伺服器拒絕我們的金鑰

我在 Windows Server 2016 中遇到驗證問題。

我創建了一個本機使用者(不是管理員),需要透過 SSH 進行連線並使用其私鑰進行身份驗證。

由於 Windows Server 2016 沒有提供可安裝的 OpenSSH 功能,因此我遵循本指南並成功安裝了最新版本的 OpenSSHPowerShell github 儲存庫。在 Windows Server 服務中「OpenSSH SSH Server」正確運作並設定為自動啟動。

我還在具有高級安全性的Windows 防火牆中創建了一個特定的入站規則,以僅允許來自特定IP 的通過端口22 的連接(事實上,使用用戶名和密碼進行的標準身份驗證在Putty 和WinSCP 中均有效)。

我已將使用者的公鑰放在使用者(以後稱為username1)主目錄內“.ssh”資料夾中的“authorized_keys”檔案中。我嘗試過手動(創建資料夾並複製文件)和使用 WinSCP“將公鑰安裝到伺服器”功能。在這兩種情況下,結果是相同的。

該資料夾具有管理員和需要身份驗證的本機使用者的讀寫權限。密鑰的格式為「ssh-rsa XXXXXXX rsa-key-YYYYMMDD」。

最後,我將私鑰插入 WinSCP 內的 SSH -> 驗證標籤中並嘗試連線。我收到以下“伺服器拒絕我們的密鑰”錯誤。

我在 WinSCP 和 Putty 中都遇到了同樣的錯誤。我創建了新的私鑰/公鑰只是為了測試目的,並使用相同的公鑰在“C:\ProgramData\ssh”中創建了一個“administrators_authorized_keys”文件,但我得到了相同的錯誤。我認為檔案權限有問題。

我不知道我錯過了什麼。我讀過很多問題,但它們都是關於 Linux 實例的。有人可以幫幫我嗎?

這是 WinSCP 日誌:

2019-12-17 14:16:03.852 --------------------------------------------------------------------------
2019-12-17 14:16:03.889 Looking up host "XXX.XXX.XXX.X" for SSH connection
2019-12-17 14:16:03.889 Connecting to XXX.XXX.XXX.X port 22
2019-12-17 14:16:03.936 Selecting events 63 for socket 1788
2019-12-17 14:16:03.936 We claim version: SSH-2.0-WinSCP_release_5.15.9
2019-12-17 14:16:03.960 Waiting for the server to continue with the initialization
2019-12-17 14:16:03.961 Looking for incoming data
2019-12-17 14:16:03.961 Looking for network events
2019-12-17 14:16:03.961 Detected network event
2019-12-17 14:16:03.961 Enumerating network events for socket 1788
2019-12-17 14:16:03.961 Enumerated 18 network events making 18 cumulative events for socket 1788
2019-12-17 14:16:03.961 Handling network write event on socket 1788 with error 0
2019-12-17 14:16:03.961 Handling network connect event on socket 1788 with error 0
2019-12-17 14:16:03.961 Looking for network events
2019-12-17 14:16:04.026 Detected network event
2019-12-17 14:16:04.026 Enumerating network events for socket 1788
2019-12-17 14:16:04.026 Enumerated 1 network events making 1 cumulative events for socket 1788
2019-12-17 14:16:04.026 Handling network read event on socket 1788 with error 0
2019-12-17 14:16:04.027 Server version: SSH-2.0-OpenSSH_for_Windows_8.0
2019-12-17 14:16:04.027 Using SSH protocol version 2
2019-12-17 14:16:04.027 Have a known host key of type ssh-ed25519
2019-12-17 14:16:04.028 Waiting for the server to continue with the initialization
2019-12-17 14:16:04.028 Looking for incoming data
2019-12-17 14:16:04.028 Looking for network events
2019-12-17 14:16:04.078 Detected network event
2019-12-17 14:16:04.078 Enumerating network events for socket 1788
2019-12-17 14:16:04.078 Enumerated 1 network events making 1 cumulative events for socket 1788
2019-12-17 14:16:04.078 Handling network read event on socket 1788 with error 0
2019-12-17 14:16:04.079 Doing ECDH key exchange with curve Curve25519 and hash SHA-256
2019-12-17 14:16:04.103 Waiting for the server to continue with the initialization
2019-12-17 14:16:04.103 Looking for incoming data
2019-12-17 14:16:04.103 Looking for network events
2019-12-17 14:16:04.151 Detected network event
2019-12-17 14:16:04.151 Enumerating network events for socket 1788
2019-12-17 14:16:04.151 Enumerated 1 network events making 1 cumulative events for socket 1788
2019-12-17 14:16:04.151 Handling network read event on socket 1788 with error 0
2019-12-17 14:16:04.529 Server also has ecdsa-sha2-nistp256/ssh-rsa host keys, but we don't know any of them
2019-12-17 14:16:04.531 Host key fingerprint is:
2019-12-17 14:16:04.531 ssh-ed25519 256 XXXXXXXXX
2019-12-17 14:16:04.531 Verifying host key ssh-ed25519 XXXXXXXXXXX
2019-12-17 14:16:04.572 Host key matches cached key
2019-12-17 14:16:04.572 Selecting events 63 for socket 1788
2019-12-17 14:16:04.572 Initialised AES-256 SDCTR client->server encryption
2019-12-17 14:16:04.572 Initialised HMAC-SHA-256 client->server MAC algorithm
2019-12-17 14:16:04.572 Initialised AES-256 SDCTR server->client encryption
2019-12-17 14:16:04.572 Initialised HMAC-SHA-256 server->client MAC algorithm
2019-12-17 14:16:04.572 Waiting for the server to continue with the initialization
2019-12-17 14:16:04.572 Looking for incoming data
2019-12-17 14:16:04.572 Looking for network events
2019-12-17 14:16:04.746 Detected network event
2019-12-17 14:16:04.746 Enumerating network events for socket 1788
2019-12-17 14:16:04.746 Enumerated 1 network events making 1 cumulative events for socket 1788
2019-12-17 14:16:04.746 Handling network read event on socket 1788 with error 0
2019-12-17 14:16:04.746 Reading key file "C:\Users\username1\Desktop\private.ppk"
    ! 2019-12-17 14:16:04.748 Using username1 "USERNAME1".
2019-12-17 14:16:04.783 Waiting for the server to continue with the initialization
2019-12-17 14:16:04.783 Looking for incoming data
2019-12-17 14:16:04.783 Looking for network events
2019-12-17 14:16:04.847 Detected network event
2019-12-17 14:16:04.847 Enumerating network events for socket 1788
2019-12-17 14:16:04.847 Enumerated 1 network events making 1 cumulative events for socket 1788
2019-12-17 14:16:04.847 Handling network read event on socket 1788 with error 0
2019-12-17 14:16:04.847 Server offered these authentication methods: publickey,password,keyboard-interactive
2019-12-17 14:16:04.847 Offered public key
2019-12-17 14:16:04.847 Waiting for the server to continue with the initialization
2019-12-17 14:16:04.847 Looking for incoming data
2019-12-17 14:16:04.847 Looking for network events
2019-12-17 14:16:04.923 Detected network event
2019-12-17 14:16:04.923 Enumerating network events for socket 1788
2019-12-17 14:16:04.923 Enumerated 1 network events making 1 cumulative events for socket 1788
2019-12-17 14:16:04.923 Handling network read event on socket 1788 with error 0
    ! 2019-12-17 14:16:04.923 Server refused our key
2019-12-17 14:16:04.937 Server refused our key
2019-12-17 14:16:04.937 Server offered these authentication methods: publickey,password,keyboard-interactive
2019-12-17 14:16:04.938 Attempting keyboard-interactive authentication
2019-12-17 14:16:04.938 Waiting for the server to continue with the initialization
2019-12-17 14:16:04.938 Looking for incoming data
2019-12-17 14:16:04.938 Looking for network events
2019-12-17 14:16:05.004 Detected network event
2019-12-17 14:16:05.005 Enumerating network events for socket 1788
2019-12-17 14:16:05.005 Enumerated 1 network events making 1 cumulative events for socket 1788
2019-12-17 14:16:05.005 Handling network read event on socket 1788 with error 0
2019-12-17 14:16:05.005 Server refused keyboard-interactive authentication
2019-12-17 14:16:05.005 Server offered these authentication methods: publickey,password,keyboard-interactive
2019-12-17 14:16:05.005 Prompt (password, "SSH password", <no instructions>, "&Password: ")

這裡是 OpenSSH 日誌:

3356 2019-12-17 19:31:44.650 debug1: inetd sockets after dupping: 4, 4
3356 2019-12-17 19:31:44.650 Connection from X.XX.XX.XXX port 54728 on 10.0.0.2 port 22
3356 2019-12-17 19:31:44.650 debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.0
3356 2019-12-17 19:31:44.650 debug1: Remote protocol version 2.0, remote software version WinSCP_release_5.15.9
3356 2019-12-17 19:31:44.650 debug1: no match: WinSCP_release_5.15.9
3356 2019-12-17 19:31:44.650 debug2: fd 4 setting O_NONBLOCK
3356 2019-12-17 19:31:44.666 debug3: spawning "C:\\Program Files\\OpenSSH\\sshd.exe" -y
3356 2019-12-17 19:31:44.666 debug2: Network child is on pid 4660
3356 2019-12-17 19:31:44.666 debug3: send_rexec_state: entering fd = 6 config len 289
3356 2019-12-17 19:31:44.666 debug3: ssh_msg_send: type 0
3356 2019-12-17 19:31:44.666 debug3: send_rexec_state: done
3356 2019-12-17 19:31:44.666 debug3: ssh_msg_send: type 0
3356 2019-12-17 19:31:44.666 debug3: ssh_msg_send: type 0
3356 2019-12-17 19:31:44.666 debug3: preauth child monitor started
3356 2019-12-17 19:31:44.681 debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
3356 2019-12-17 19:31:44.681 debug3: send packet: type 20 [preauth]
3356 2019-12-17 19:31:44.681 debug1: SSH2_MSG_KEXINIT sent [preauth]
3356 2019-12-17 19:31:44.744 debug3: receive packet: type 20 [preauth]
3356 2019-12-17 19:31:44.744 debug1: SSH2_MSG_KEXINIT received [preauth]
3356 2019-12-17 19:31:44.744 debug2: local server KEXINIT proposal [preauth]
3356 2019-12-17 19:31:44.744 debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1 [preauth]
3356 2019-12-17 19:31:44.744 debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
3356 2019-12-17 19:31:44.744 debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected] [preauth]
3356 2019-12-17 19:31:44.744 debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected] [preauth]
3356 2019-12-17 19:31:44.744 debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
3356 2019-12-17 19:31:44.744 debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
3356 2019-12-17 19:31:44.744 debug2: compression ctos: none [preauth]
3356 2019-12-17 19:31:44.744 debug2: compression stoc: none [preauth]
3356 2019-12-17 19:31:44.744 debug2: languages ctos:  [preauth]
3356 2019-12-17 19:31:44.744 debug2: languages stoc:  [preauth]
3356 2019-12-17 19:31:44.744 debug2: first_kex_follows 0  [preauth]
3356 2019-12-17 19:31:44.744 debug2: reserved 0  [preauth]
3356 2019-12-17 19:31:44.744 debug2: peer client KEXINIT proposal [preauth]
3356 2019-12-17 19:31:44.744 debug2: KEX algorithms: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,rsa2048-sha256,rsa1024-sha1,diffie-hellman-group1-sha1 [preauth]
3356 2019-12-17 19:31:44.744 debug2: host key algorithms: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss [preauth]
3356 2019-12-17 19:31:44.744 debug2: ciphers ctos: aes256-ctr,aes256-cbc,[email protected],aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,[email protected],blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128 [preauth]
3356 2019-12-17 19:31:44.744 debug2: ciphers stoc: aes256-ctr,aes256-cbc,[email protected],aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,[email protected],blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128 [preauth]
3356 2019-12-17 19:31:44.744 debug2: MACs ctos: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,[email protected],[email protected],[email protected],[email protected] [preauth]
3356 2019-12-17 19:31:44.744 debug2: MACs stoc: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,[email protected],[email protected],[email protected],[email protected] [preauth]
3356 2019-12-17 19:31:44.744 debug2: compression ctos: none,zlib [preauth]
3356 2019-12-17 19:31:44.744 debug2: compression stoc: none,zlib [preauth]
3356 2019-12-17 19:31:44.744 debug2: languages ctos:  [preauth]
3356 2019-12-17 19:31:44.744 debug2: languages stoc:  [preauth]
3356 2019-12-17 19:31:44.744 debug2: first_kex_follows 0  [preauth]
3356 2019-12-17 19:31:44.744 debug2: reserved 0  [preauth]
3356 2019-12-17 19:31:44.744 debug1: kex: algorithm: [email protected] [preauth]
3356 2019-12-17 19:31:44.744 debug1: kex: host key algorithm: ssh-ed25519 [preauth]
3356 2019-12-17 19:31:44.744 debug1: kex: client->server cipher: aes256-ctr MAC: hmac-sha2-256 compression: none [preauth]
3356 2019-12-17 19:31:44.744 debug1: kex: server->client cipher: aes256-ctr MAC: hmac-sha2-256 compression: none [preauth]
3356 2019-12-17 19:31:44.744 debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
3356 2019-12-17 19:31:44.822 debug3: receive packet: type 30 [preauth]
3356 2019-12-17 19:31:44.822 debug3: mm_sshkey_sign entering [preauth]
3356 2019-12-17 19:31:44.822 debug3: mm_request_send entering: type 6 [preauth]
3356 2019-12-17 19:31:44.822 debug3: mm_request_receive entering
3356 2019-12-17 19:31:44.822 debug3: monitor_read: checking request 6
3356 2019-12-17 19:31:44.822 debug3: mm_answer_sign
3356 2019-12-17 19:31:44.822 debug3: mm_answer_sign: hostkey proof signature 000001D8B28BAFA0(83)
3356 2019-12-17 19:31:44.822 debug3: mm_request_send entering: type 7
3356 2019-12-17 19:31:44.822 debug2: monitor_read: 6 used once, disabling now
3356 2019-12-17 19:31:44.822 debug3: mm_sshkey_sign: waiting for MONITOR_ANS_SIGN [preauth]
3356 2019-12-17 19:31:44.822 debug3: mm_request_receive_expect entering: type 7 [preauth]
3356 2019-12-17 19:31:44.822 debug3: mm_request_receive entering [preauth]
3356 2019-12-17 19:31:44.822 debug3: send packet: type 31 [preauth]
3356 2019-12-17 19:31:44.822 debug3: send packet: type 21 [preauth]
3356 2019-12-17 19:31:44.822 debug2: set_newkeys: mode 1 [preauth]
3356 2019-12-17 19:31:44.822 debug1: rekey out after 4294967296 blocks [preauth]
3356 2019-12-17 19:31:44.822 debug1: SSH2_MSG_NEWKEYS sent [preauth]
3356 2019-12-17 19:31:44.822 debug1: expecting SSH2_MSG_NEWKEYS [preauth]
3356 2019-12-17 19:31:45.338 debug3: receive packet: type 21 [preauth]
3356 2019-12-17 19:31:45.338 debug1: SSH2_MSG_NEWKEYS received [preauth]
3356 2019-12-17 19:31:45.338 debug2: set_newkeys: mode 0 [preauth]
3356 2019-12-17 19:31:45.338 debug1: rekey in after 4294967296 blocks [preauth]
3356 2019-12-17 19:31:45.338 debug1: KEX done [preauth]
3356 2019-12-17 19:31:45.416 debug3: receive packet: type 5 [preauth]
3356 2019-12-17 19:31:45.416 debug3: send packet: type 6 [preauth]
3356 2019-12-17 19:31:45.494 debug3: receive packet: type 50 [preauth]
3356 2019-12-17 19:31:45.494 debug1: userauth-request for user username1 service ssh-connection method none [preauth]
3356 2019-12-17 19:31:45.494 debug1: attempt 0 failures 0 [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_getpwnamallow entering [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_request_send entering: type 8 [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_request_receive_expect entering: type 9 [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_request_receive entering [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_request_receive entering
3356 2019-12-17 19:31:45.494 debug3: monitor_read: checking request 8
3356 2019-12-17 19:31:45.494 debug3: mm_answer_pwnamallow
3356 2019-12-17 19:31:45.494 debug2: parse_server_config: config reprocess config len 289
3356 2019-12-17 19:31:45.494 debug3: checking match for 'Group administrators' user username1 host X.XX.XX.XXX addr X.XX.XX.XXX laddr 10.0.0.2 lport 22
3356 2019-12-17 19:31:45.494 debug3: LsaLogonUser Succeeded (Impersonation: 0)
3356 2019-12-17 19:31:45.494 debug1: user username1 does not match group list administrators at line 87
3356 2019-12-17 19:31:45.494 debug3: match not found
3356 2019-12-17 19:31:45.494 debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1
3356 2019-12-17 19:31:45.494 debug3: mm_request_send entering: type 9
3356 2019-12-17 19:31:45.494 debug2: monitor_read: 8 used once, disabling now
3356 2019-12-17 19:31:45.494 debug2: input_userauth_request: setting up authctxt for username1 [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_inform_authserv entering [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_request_send entering: type 4 [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_request_receive entering
3356 2019-12-17 19:31:45.494 debug3: monitor_read: checking request 4
3356 2019-12-17 19:31:45.494 debug3: mm_answer_authserv: service=ssh-connection, style=
3356 2019-12-17 19:31:45.494 debug2: monitor_read: 4 used once, disabling now
3356 2019-12-17 19:31:45.494 debug2: input_userauth_request: try method none [preauth]
3356 2019-12-17 19:31:45.494 debug3: user_specific_delay: user specific delay 0.000ms [preauth]
3356 2019-12-17 19:31:45.494 debug3: ensure_minimum_time_since: elapsed 0.000ms, delaying 8.286ms (requested 8.286ms) [preauth]
3356 2019-12-17 19:31:45.510 debug3: userauth_finish: failure partial=0 next methods="publickey,password,keyboard-interactive" [preauth]
3356 2019-12-17 19:31:45.510 debug3: send packet: type 51 [preauth]
3356 2019-12-17 19:31:45.556 debug3: receive packet: type 50 [preauth]
3356 2019-12-17 19:31:45.556 debug1: userauth-request for user username1 service ssh-connection method publickey [preauth]
3356 2019-12-17 19:31:45.556 debug1: attempt 1 failures 0 [preauth]
3356 2019-12-17 19:31:45.556 debug2: input_userauth_request: try method publickey [preauth]
3356 2019-12-17 19:31:45.556 debug2: userauth_pubkey: valid user username1 querying public key ssh-rsa XXXXXXXXXXX [preauth]
3356 2019-12-17 19:31:45.556 debug1: userauth_pubkey: test pkalg ssh-rsa pkblob RSA SHA256:XXXXXXX [preauth]
3356 2019-12-17 19:31:45.556 debug3: mm_key_allowed entering [preauth]
3356 2019-12-17 19:31:45.556 debug3: mm_request_send entering: type 22 [preauth]
3356 2019-12-17 19:31:45.556 debug3: mm_request_receive entering
3356 2019-12-17 19:31:45.556 debug3: monitor_read: checking request 22
3356 2019-12-17 19:31:45.556 debug3: mm_answer_keyallowed entering
3356 2019-12-17 19:31:45.556 debug3: mm_answer_keyallowed: key_from_blob: 000001D8B28BF1C0
3356 2019-12-17 19:31:45.556 debug1: trying public key file C:\\Users\\username1\\.ssh/authorized_keys
3356 2019-12-17 19:31:45.556 debug3: Bad permissions. Try removing permissions for user: VM-EPM\\username2 (S-1-5-21-3826319457-1004635287-1909893433-1001) on file C:/Users/username1/.ssh/authorized_keys.
3356 2019-12-17 19:31:45.556 Authentication refused.
3356 2019-12-17 19:31:45.556 debug3: mm_answer_keyallowed: publickey authentication test: RSA key is not allowed
3356 2019-12-17 19:31:45.556 Failed publickey for username1 from X.XX.XX.XXX port 54728 ssh2: RSA SHA256:o8b9CXuYPzNSz6M/rsN+XAQHqEcdPwWasDglinXbtig
3356 2019-12-17 19:31:45.556 debug3: mm_request_send entering: type 23
3356 2019-12-17 19:31:45.556 debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED [preauth]
3356 2019-12-17 19:31:45.556 debug3: mm_request_receive_expect entering: type 23 [preauth]
3356 2019-12-17 19:31:45.556 debug3: mm_request_receive entering [preauth]
3356 2019-12-17 19:31:45.556 debug2: userauth_pubkey: authenticated 0 pkalg ssh-rsa [preauth]
3356 2019-12-17 19:31:45.556 debug3: user_specific_delay: user specific delay 0.000ms [preauth]
3356 2019-12-17 19:31:45.556 debug3: ensure_minimum_time_since: elapsed 0.000ms, delaying 8.286ms (requested 8.286ms) [preauth]
3356 2019-12-17 19:31:45.572 debug3: userauth_finish: failure partial=0 next methods="publickey,password,keyboard-interactive" [preauth]
3356 2019-12-17 19:31:45.572 debug3: send packet: type 51 [preauth]
3356 2019-12-17 19:31:45.666 debug3: receive packet: type 50 [preauth]
3356 2019-12-17 19:31:45.666 debug1: userauth-request for user username1 service ssh-connection method keyboard-interactive [preauth]
3356 2019-12-17 19:31:45.666 debug1: attempt 2 failures 1 [preauth]
3356 2019-12-17 19:31:45.666 debug2: input_userauth_request: try method keyboard-interactive [preauth]
3356 2019-12-17 19:31:45.666 debug1: keyboard-interactive devs  [preauth]
3356 2019-12-17 19:31:45.666 debug1: auth2_challenge: user=username1 devs= [preauth]
3356 2019-12-17 19:31:45.666 debug1: kbdint_alloc: devices '' [preauth]
3356 2019-12-17 19:31:45.666 debug2: auth2_challenge_start: devices  [preauth]
3356 2019-12-17 19:31:45.666 debug3: user_specific_delay: user specific delay 0.000ms [preauth]
3356 2019-12-17 19:31:45.666 debug3: ensure_minimum_time_since: elapsed 0.000ms, delaying 8.286ms (requested 8.286ms) [preauth]
3356 2019-12-17 19:31:45.681 debug3: userauth_finish: failure partial=0 next methods="publickey,password,keyboard-interactive" [preauth]
3356 2019-12-17 19:31:45.681 debug3: send packet: type 51 [preauth]

在兩個日誌中,username1需要連線的本機使用者username2是管理員(不是SYSTEM)。

謝謝,

安德里亞

答案1

我相信這個訊息非常明確:

3356 2019-12-17 19:31:45.556 debug3:權限錯誤。嘗試刪除檔案 C:/Users/username1/.ssh/authorized_keys 上使用者 VM-EPM\username2 (S-1-5-21-3826319457-1004635287-1909893433-1001) 的權限。

除使用者本人 ( username1) 外,其他任何使用者都不能擁有該檔案的寫入權限authorized_keys

另請參閱本節“設定 SSH 公鑰身份驗證”在我關於 Windows OpenSSH 的文章中

相關內容