我在 Windows Server 2016 中遇到驗證問題。
我創建了一個本機使用者(不是管理員),需要透過 SSH 進行連線並使用其私鑰進行身份驗證。
由於 Windows Server 2016 沒有提供可安裝的 OpenSSH 功能,因此我遵循本指南並成功安裝了最新版本的 OpenSSHPowerShell github 儲存庫。在 Windows Server 服務中「OpenSSH SSH Server」正確運作並設定為自動啟動。
我還在具有高級安全性的Windows 防火牆中創建了一個特定的入站規則,以僅允許來自特定IP 的通過端口22 的連接(事實上,使用用戶名和密碼進行的標準身份驗證在Putty 和WinSCP 中均有效)。
我已將使用者的公鑰放在使用者(以後稱為username1)主目錄內“.ssh”資料夾中的“authorized_keys”檔案中。我嘗試過手動(創建資料夾並複製文件)和使用 WinSCP“將公鑰安裝到伺服器”功能。在這兩種情況下,結果是相同的。
該資料夾具有管理員和需要身份驗證的本機使用者的讀寫權限。密鑰的格式為「ssh-rsa XXXXXXX rsa-key-YYYYMMDD」。
最後,我將私鑰插入 WinSCP 內的 SSH -> 驗證標籤中並嘗試連線。我收到以下“伺服器拒絕我們的密鑰”錯誤。
我在 WinSCP 和 Putty 中都遇到了同樣的錯誤。我創建了新的私鑰/公鑰只是為了測試目的,並使用相同的公鑰在“C:\ProgramData\ssh”中創建了一個“administrators_authorized_keys”文件,但我得到了相同的錯誤。我認為檔案權限有問題。
我不知道我錯過了什麼。我讀過很多問題,但它們都是關於 Linux 實例的。有人可以幫幫我嗎?
這是 WinSCP 日誌:
2019-12-17 14:16:03.852 --------------------------------------------------------------------------
2019-12-17 14:16:03.889 Looking up host "XXX.XXX.XXX.X" for SSH connection
2019-12-17 14:16:03.889 Connecting to XXX.XXX.XXX.X port 22
2019-12-17 14:16:03.936 Selecting events 63 for socket 1788
2019-12-17 14:16:03.936 We claim version: SSH-2.0-WinSCP_release_5.15.9
2019-12-17 14:16:03.960 Waiting for the server to continue with the initialization
2019-12-17 14:16:03.961 Looking for incoming data
2019-12-17 14:16:03.961 Looking for network events
2019-12-17 14:16:03.961 Detected network event
2019-12-17 14:16:03.961 Enumerating network events for socket 1788
2019-12-17 14:16:03.961 Enumerated 18 network events making 18 cumulative events for socket 1788
2019-12-17 14:16:03.961 Handling network write event on socket 1788 with error 0
2019-12-17 14:16:03.961 Handling network connect event on socket 1788 with error 0
2019-12-17 14:16:03.961 Looking for network events
2019-12-17 14:16:04.026 Detected network event
2019-12-17 14:16:04.026 Enumerating network events for socket 1788
2019-12-17 14:16:04.026 Enumerated 1 network events making 1 cumulative events for socket 1788
2019-12-17 14:16:04.026 Handling network read event on socket 1788 with error 0
2019-12-17 14:16:04.027 Server version: SSH-2.0-OpenSSH_for_Windows_8.0
2019-12-17 14:16:04.027 Using SSH protocol version 2
2019-12-17 14:16:04.027 Have a known host key of type ssh-ed25519
2019-12-17 14:16:04.028 Waiting for the server to continue with the initialization
2019-12-17 14:16:04.028 Looking for incoming data
2019-12-17 14:16:04.028 Looking for network events
2019-12-17 14:16:04.078 Detected network event
2019-12-17 14:16:04.078 Enumerating network events for socket 1788
2019-12-17 14:16:04.078 Enumerated 1 network events making 1 cumulative events for socket 1788
2019-12-17 14:16:04.078 Handling network read event on socket 1788 with error 0
2019-12-17 14:16:04.079 Doing ECDH key exchange with curve Curve25519 and hash SHA-256
2019-12-17 14:16:04.103 Waiting for the server to continue with the initialization
2019-12-17 14:16:04.103 Looking for incoming data
2019-12-17 14:16:04.103 Looking for network events
2019-12-17 14:16:04.151 Detected network event
2019-12-17 14:16:04.151 Enumerating network events for socket 1788
2019-12-17 14:16:04.151 Enumerated 1 network events making 1 cumulative events for socket 1788
2019-12-17 14:16:04.151 Handling network read event on socket 1788 with error 0
2019-12-17 14:16:04.529 Server also has ecdsa-sha2-nistp256/ssh-rsa host keys, but we don't know any of them
2019-12-17 14:16:04.531 Host key fingerprint is:
2019-12-17 14:16:04.531 ssh-ed25519 256 XXXXXXXXX
2019-12-17 14:16:04.531 Verifying host key ssh-ed25519 XXXXXXXXXXX
2019-12-17 14:16:04.572 Host key matches cached key
2019-12-17 14:16:04.572 Selecting events 63 for socket 1788
2019-12-17 14:16:04.572 Initialised AES-256 SDCTR client->server encryption
2019-12-17 14:16:04.572 Initialised HMAC-SHA-256 client->server MAC algorithm
2019-12-17 14:16:04.572 Initialised AES-256 SDCTR server->client encryption
2019-12-17 14:16:04.572 Initialised HMAC-SHA-256 server->client MAC algorithm
2019-12-17 14:16:04.572 Waiting for the server to continue with the initialization
2019-12-17 14:16:04.572 Looking for incoming data
2019-12-17 14:16:04.572 Looking for network events
2019-12-17 14:16:04.746 Detected network event
2019-12-17 14:16:04.746 Enumerating network events for socket 1788
2019-12-17 14:16:04.746 Enumerated 1 network events making 1 cumulative events for socket 1788
2019-12-17 14:16:04.746 Handling network read event on socket 1788 with error 0
2019-12-17 14:16:04.746 Reading key file "C:\Users\username1\Desktop\private.ppk"
! 2019-12-17 14:16:04.748 Using username1 "USERNAME1".
2019-12-17 14:16:04.783 Waiting for the server to continue with the initialization
2019-12-17 14:16:04.783 Looking for incoming data
2019-12-17 14:16:04.783 Looking for network events
2019-12-17 14:16:04.847 Detected network event
2019-12-17 14:16:04.847 Enumerating network events for socket 1788
2019-12-17 14:16:04.847 Enumerated 1 network events making 1 cumulative events for socket 1788
2019-12-17 14:16:04.847 Handling network read event on socket 1788 with error 0
2019-12-17 14:16:04.847 Server offered these authentication methods: publickey,password,keyboard-interactive
2019-12-17 14:16:04.847 Offered public key
2019-12-17 14:16:04.847 Waiting for the server to continue with the initialization
2019-12-17 14:16:04.847 Looking for incoming data
2019-12-17 14:16:04.847 Looking for network events
2019-12-17 14:16:04.923 Detected network event
2019-12-17 14:16:04.923 Enumerating network events for socket 1788
2019-12-17 14:16:04.923 Enumerated 1 network events making 1 cumulative events for socket 1788
2019-12-17 14:16:04.923 Handling network read event on socket 1788 with error 0
! 2019-12-17 14:16:04.923 Server refused our key
2019-12-17 14:16:04.937 Server refused our key
2019-12-17 14:16:04.937 Server offered these authentication methods: publickey,password,keyboard-interactive
2019-12-17 14:16:04.938 Attempting keyboard-interactive authentication
2019-12-17 14:16:04.938 Waiting for the server to continue with the initialization
2019-12-17 14:16:04.938 Looking for incoming data
2019-12-17 14:16:04.938 Looking for network events
2019-12-17 14:16:05.004 Detected network event
2019-12-17 14:16:05.005 Enumerating network events for socket 1788
2019-12-17 14:16:05.005 Enumerated 1 network events making 1 cumulative events for socket 1788
2019-12-17 14:16:05.005 Handling network read event on socket 1788 with error 0
2019-12-17 14:16:05.005 Server refused keyboard-interactive authentication
2019-12-17 14:16:05.005 Server offered these authentication methods: publickey,password,keyboard-interactive
2019-12-17 14:16:05.005 Prompt (password, "SSH password", <no instructions>, "&Password: ")
這裡是 OpenSSH 日誌:
3356 2019-12-17 19:31:44.650 debug1: inetd sockets after dupping: 4, 4
3356 2019-12-17 19:31:44.650 Connection from X.XX.XX.XXX port 54728 on 10.0.0.2 port 22
3356 2019-12-17 19:31:44.650 debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.0
3356 2019-12-17 19:31:44.650 debug1: Remote protocol version 2.0, remote software version WinSCP_release_5.15.9
3356 2019-12-17 19:31:44.650 debug1: no match: WinSCP_release_5.15.9
3356 2019-12-17 19:31:44.650 debug2: fd 4 setting O_NONBLOCK
3356 2019-12-17 19:31:44.666 debug3: spawning "C:\\Program Files\\OpenSSH\\sshd.exe" -y
3356 2019-12-17 19:31:44.666 debug2: Network child is on pid 4660
3356 2019-12-17 19:31:44.666 debug3: send_rexec_state: entering fd = 6 config len 289
3356 2019-12-17 19:31:44.666 debug3: ssh_msg_send: type 0
3356 2019-12-17 19:31:44.666 debug3: send_rexec_state: done
3356 2019-12-17 19:31:44.666 debug3: ssh_msg_send: type 0
3356 2019-12-17 19:31:44.666 debug3: ssh_msg_send: type 0
3356 2019-12-17 19:31:44.666 debug3: preauth child monitor started
3356 2019-12-17 19:31:44.681 debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
3356 2019-12-17 19:31:44.681 debug3: send packet: type 20 [preauth]
3356 2019-12-17 19:31:44.681 debug1: SSH2_MSG_KEXINIT sent [preauth]
3356 2019-12-17 19:31:44.744 debug3: receive packet: type 20 [preauth]
3356 2019-12-17 19:31:44.744 debug1: SSH2_MSG_KEXINIT received [preauth]
3356 2019-12-17 19:31:44.744 debug2: local server KEXINIT proposal [preauth]
3356 2019-12-17 19:31:44.744 debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1 [preauth]
3356 2019-12-17 19:31:44.744 debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
3356 2019-12-17 19:31:44.744 debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected] [preauth]
3356 2019-12-17 19:31:44.744 debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected] [preauth]
3356 2019-12-17 19:31:44.744 debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
3356 2019-12-17 19:31:44.744 debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
3356 2019-12-17 19:31:44.744 debug2: compression ctos: none [preauth]
3356 2019-12-17 19:31:44.744 debug2: compression stoc: none [preauth]
3356 2019-12-17 19:31:44.744 debug2: languages ctos: [preauth]
3356 2019-12-17 19:31:44.744 debug2: languages stoc: [preauth]
3356 2019-12-17 19:31:44.744 debug2: first_kex_follows 0 [preauth]
3356 2019-12-17 19:31:44.744 debug2: reserved 0 [preauth]
3356 2019-12-17 19:31:44.744 debug2: peer client KEXINIT proposal [preauth]
3356 2019-12-17 19:31:44.744 debug2: KEX algorithms: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,rsa2048-sha256,rsa1024-sha1,diffie-hellman-group1-sha1 [preauth]
3356 2019-12-17 19:31:44.744 debug2: host key algorithms: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss [preauth]
3356 2019-12-17 19:31:44.744 debug2: ciphers ctos: aes256-ctr,aes256-cbc,[email protected],aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,[email protected],blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128 [preauth]
3356 2019-12-17 19:31:44.744 debug2: ciphers stoc: aes256-ctr,aes256-cbc,[email protected],aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,[email protected],blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128 [preauth]
3356 2019-12-17 19:31:44.744 debug2: MACs ctos: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,[email protected],[email protected],[email protected],[email protected] [preauth]
3356 2019-12-17 19:31:44.744 debug2: MACs stoc: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,[email protected],[email protected],[email protected],[email protected] [preauth]
3356 2019-12-17 19:31:44.744 debug2: compression ctos: none,zlib [preauth]
3356 2019-12-17 19:31:44.744 debug2: compression stoc: none,zlib [preauth]
3356 2019-12-17 19:31:44.744 debug2: languages ctos: [preauth]
3356 2019-12-17 19:31:44.744 debug2: languages stoc: [preauth]
3356 2019-12-17 19:31:44.744 debug2: first_kex_follows 0 [preauth]
3356 2019-12-17 19:31:44.744 debug2: reserved 0 [preauth]
3356 2019-12-17 19:31:44.744 debug1: kex: algorithm: [email protected] [preauth]
3356 2019-12-17 19:31:44.744 debug1: kex: host key algorithm: ssh-ed25519 [preauth]
3356 2019-12-17 19:31:44.744 debug1: kex: client->server cipher: aes256-ctr MAC: hmac-sha2-256 compression: none [preauth]
3356 2019-12-17 19:31:44.744 debug1: kex: server->client cipher: aes256-ctr MAC: hmac-sha2-256 compression: none [preauth]
3356 2019-12-17 19:31:44.744 debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
3356 2019-12-17 19:31:44.822 debug3: receive packet: type 30 [preauth]
3356 2019-12-17 19:31:44.822 debug3: mm_sshkey_sign entering [preauth]
3356 2019-12-17 19:31:44.822 debug3: mm_request_send entering: type 6 [preauth]
3356 2019-12-17 19:31:44.822 debug3: mm_request_receive entering
3356 2019-12-17 19:31:44.822 debug3: monitor_read: checking request 6
3356 2019-12-17 19:31:44.822 debug3: mm_answer_sign
3356 2019-12-17 19:31:44.822 debug3: mm_answer_sign: hostkey proof signature 000001D8B28BAFA0(83)
3356 2019-12-17 19:31:44.822 debug3: mm_request_send entering: type 7
3356 2019-12-17 19:31:44.822 debug2: monitor_read: 6 used once, disabling now
3356 2019-12-17 19:31:44.822 debug3: mm_sshkey_sign: waiting for MONITOR_ANS_SIGN [preauth]
3356 2019-12-17 19:31:44.822 debug3: mm_request_receive_expect entering: type 7 [preauth]
3356 2019-12-17 19:31:44.822 debug3: mm_request_receive entering [preauth]
3356 2019-12-17 19:31:44.822 debug3: send packet: type 31 [preauth]
3356 2019-12-17 19:31:44.822 debug3: send packet: type 21 [preauth]
3356 2019-12-17 19:31:44.822 debug2: set_newkeys: mode 1 [preauth]
3356 2019-12-17 19:31:44.822 debug1: rekey out after 4294967296 blocks [preauth]
3356 2019-12-17 19:31:44.822 debug1: SSH2_MSG_NEWKEYS sent [preauth]
3356 2019-12-17 19:31:44.822 debug1: expecting SSH2_MSG_NEWKEYS [preauth]
3356 2019-12-17 19:31:45.338 debug3: receive packet: type 21 [preauth]
3356 2019-12-17 19:31:45.338 debug1: SSH2_MSG_NEWKEYS received [preauth]
3356 2019-12-17 19:31:45.338 debug2: set_newkeys: mode 0 [preauth]
3356 2019-12-17 19:31:45.338 debug1: rekey in after 4294967296 blocks [preauth]
3356 2019-12-17 19:31:45.338 debug1: KEX done [preauth]
3356 2019-12-17 19:31:45.416 debug3: receive packet: type 5 [preauth]
3356 2019-12-17 19:31:45.416 debug3: send packet: type 6 [preauth]
3356 2019-12-17 19:31:45.494 debug3: receive packet: type 50 [preauth]
3356 2019-12-17 19:31:45.494 debug1: userauth-request for user username1 service ssh-connection method none [preauth]
3356 2019-12-17 19:31:45.494 debug1: attempt 0 failures 0 [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_getpwnamallow entering [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_request_send entering: type 8 [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_request_receive_expect entering: type 9 [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_request_receive entering [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_request_receive entering
3356 2019-12-17 19:31:45.494 debug3: monitor_read: checking request 8
3356 2019-12-17 19:31:45.494 debug3: mm_answer_pwnamallow
3356 2019-12-17 19:31:45.494 debug2: parse_server_config: config reprocess config len 289
3356 2019-12-17 19:31:45.494 debug3: checking match for 'Group administrators' user username1 host X.XX.XX.XXX addr X.XX.XX.XXX laddr 10.0.0.2 lport 22
3356 2019-12-17 19:31:45.494 debug3: LsaLogonUser Succeeded (Impersonation: 0)
3356 2019-12-17 19:31:45.494 debug1: user username1 does not match group list administrators at line 87
3356 2019-12-17 19:31:45.494 debug3: match not found
3356 2019-12-17 19:31:45.494 debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1
3356 2019-12-17 19:31:45.494 debug3: mm_request_send entering: type 9
3356 2019-12-17 19:31:45.494 debug2: monitor_read: 8 used once, disabling now
3356 2019-12-17 19:31:45.494 debug2: input_userauth_request: setting up authctxt for username1 [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_inform_authserv entering [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_request_send entering: type 4 [preauth]
3356 2019-12-17 19:31:45.494 debug3: mm_request_receive entering
3356 2019-12-17 19:31:45.494 debug3: monitor_read: checking request 4
3356 2019-12-17 19:31:45.494 debug3: mm_answer_authserv: service=ssh-connection, style=
3356 2019-12-17 19:31:45.494 debug2: monitor_read: 4 used once, disabling now
3356 2019-12-17 19:31:45.494 debug2: input_userauth_request: try method none [preauth]
3356 2019-12-17 19:31:45.494 debug3: user_specific_delay: user specific delay 0.000ms [preauth]
3356 2019-12-17 19:31:45.494 debug3: ensure_minimum_time_since: elapsed 0.000ms, delaying 8.286ms (requested 8.286ms) [preauth]
3356 2019-12-17 19:31:45.510 debug3: userauth_finish: failure partial=0 next methods="publickey,password,keyboard-interactive" [preauth]
3356 2019-12-17 19:31:45.510 debug3: send packet: type 51 [preauth]
3356 2019-12-17 19:31:45.556 debug3: receive packet: type 50 [preauth]
3356 2019-12-17 19:31:45.556 debug1: userauth-request for user username1 service ssh-connection method publickey [preauth]
3356 2019-12-17 19:31:45.556 debug1: attempt 1 failures 0 [preauth]
3356 2019-12-17 19:31:45.556 debug2: input_userauth_request: try method publickey [preauth]
3356 2019-12-17 19:31:45.556 debug2: userauth_pubkey: valid user username1 querying public key ssh-rsa XXXXXXXXXXX [preauth]
3356 2019-12-17 19:31:45.556 debug1: userauth_pubkey: test pkalg ssh-rsa pkblob RSA SHA256:XXXXXXX [preauth]
3356 2019-12-17 19:31:45.556 debug3: mm_key_allowed entering [preauth]
3356 2019-12-17 19:31:45.556 debug3: mm_request_send entering: type 22 [preauth]
3356 2019-12-17 19:31:45.556 debug3: mm_request_receive entering
3356 2019-12-17 19:31:45.556 debug3: monitor_read: checking request 22
3356 2019-12-17 19:31:45.556 debug3: mm_answer_keyallowed entering
3356 2019-12-17 19:31:45.556 debug3: mm_answer_keyallowed: key_from_blob: 000001D8B28BF1C0
3356 2019-12-17 19:31:45.556 debug1: trying public key file C:\\Users\\username1\\.ssh/authorized_keys
3356 2019-12-17 19:31:45.556 debug3: Bad permissions. Try removing permissions for user: VM-EPM\\username2 (S-1-5-21-3826319457-1004635287-1909893433-1001) on file C:/Users/username1/.ssh/authorized_keys.
3356 2019-12-17 19:31:45.556 Authentication refused.
3356 2019-12-17 19:31:45.556 debug3: mm_answer_keyallowed: publickey authentication test: RSA key is not allowed
3356 2019-12-17 19:31:45.556 Failed publickey for username1 from X.XX.XX.XXX port 54728 ssh2: RSA SHA256:o8b9CXuYPzNSz6M/rsN+XAQHqEcdPwWasDglinXbtig
3356 2019-12-17 19:31:45.556 debug3: mm_request_send entering: type 23
3356 2019-12-17 19:31:45.556 debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED [preauth]
3356 2019-12-17 19:31:45.556 debug3: mm_request_receive_expect entering: type 23 [preauth]
3356 2019-12-17 19:31:45.556 debug3: mm_request_receive entering [preauth]
3356 2019-12-17 19:31:45.556 debug2: userauth_pubkey: authenticated 0 pkalg ssh-rsa [preauth]
3356 2019-12-17 19:31:45.556 debug3: user_specific_delay: user specific delay 0.000ms [preauth]
3356 2019-12-17 19:31:45.556 debug3: ensure_minimum_time_since: elapsed 0.000ms, delaying 8.286ms (requested 8.286ms) [preauth]
3356 2019-12-17 19:31:45.572 debug3: userauth_finish: failure partial=0 next methods="publickey,password,keyboard-interactive" [preauth]
3356 2019-12-17 19:31:45.572 debug3: send packet: type 51 [preauth]
3356 2019-12-17 19:31:45.666 debug3: receive packet: type 50 [preauth]
3356 2019-12-17 19:31:45.666 debug1: userauth-request for user username1 service ssh-connection method keyboard-interactive [preauth]
3356 2019-12-17 19:31:45.666 debug1: attempt 2 failures 1 [preauth]
3356 2019-12-17 19:31:45.666 debug2: input_userauth_request: try method keyboard-interactive [preauth]
3356 2019-12-17 19:31:45.666 debug1: keyboard-interactive devs [preauth]
3356 2019-12-17 19:31:45.666 debug1: auth2_challenge: user=username1 devs= [preauth]
3356 2019-12-17 19:31:45.666 debug1: kbdint_alloc: devices '' [preauth]
3356 2019-12-17 19:31:45.666 debug2: auth2_challenge_start: devices [preauth]
3356 2019-12-17 19:31:45.666 debug3: user_specific_delay: user specific delay 0.000ms [preauth]
3356 2019-12-17 19:31:45.666 debug3: ensure_minimum_time_since: elapsed 0.000ms, delaying 8.286ms (requested 8.286ms) [preauth]
3356 2019-12-17 19:31:45.681 debug3: userauth_finish: failure partial=0 next methods="publickey,password,keyboard-interactive" [preauth]
3356 2019-12-17 19:31:45.681 debug3: send packet: type 51 [preauth]
在兩個日誌中,username1需要連線的本機使用者username2是管理員(不是SYSTEM)。
謝謝,
安德里亞
答案1
我相信這個訊息非常明確:
3356 2019-12-17 19:31:45.556 debug3:權限錯誤。嘗試刪除檔案 C:/Users/username1/.ssh/authorized_keys 上使用者 VM-EPM\username2 (S-1-5-21-3826319457-1004635287-1909893433-1001) 的權限。
除使用者本人 ( username1) 外,其他任何使用者都不能擁有該檔案的寫入權限authorized_keys。