Linux
SSH 安全複製被拒絕/超時
我對 Linux 遊戲比較陌生。我與遠端主機建立了 SSH 連接,並嘗試將遠端主機的副本 (scp) 保護到我的本地電腦。我在 Oracle VM 上執行 Linux Ubuntu。
當我執行 ssh-v 時:
OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n 7 Dec 2017 debug1: Reading configuration data /home/USER/.ssh/config debug1: /home/USER/.ssh/config line 1: Applying options for novagpvm01 debug1: Connecting to HOSTNAME [HOSTIP] port 22. debug1: Connection established. debug1: identity file /home/USER/.ssh/id_rsa type 0 debug1: key_load_public: No such file or directory debug1: identity file /home/USER/.ssh/id_rsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/USER/.ssh/id_dsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/USER/.ssh/id_dsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/USER/.ssh/id_ecdsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/USER/.ssh/id_ecdsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/USER/.ssh/id_ed25519 type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/USER/.ssh/id_ed25519-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3 debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000 debug1: Authenticating to HOSTNAME:22 as 'USER' debug1: Offering GSSAPI proposal: gss-gex-sha1-toWM8Slw8Ew8Mqkay+al2g==,gss-group1-sha1- toWM5Slw5Ew8Mqkay+al2g==,gss-group14-sha1-toWM5Slw5Ew8Mqkay+al2g==,gss-gex-sha1- eipGX3TCiTUrx573bT1o1Q==,gss-group1-sha1-eipGX3TCiQSrx573bT1o1Q==,gss-group14-sha1- eipGX3TCiTUrx573bT1o1Q== debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: algorithm: gss-gex-sha1-toWM8Slw8Ew8Mqkay+al2g== debug1: kex: host key algorithm: ssh-rsa debug1: kex: server->client cipher: aes128-ctr MAC: umac-64@openssh.com compression: none debug1: kex: client->server cipher: aes128-ctr MAC: umac-64@openssh.com compression: none debug1: Doing group exchange debug1: Calling gss_init_sec_context debug1: Delegating credentials debug1: Received GSSAPI_COMPLETE debug1: Calling gss_init_sec_context debug1: Delegating credentials debug1: Rekey has happened - updating saved versions debug1: rekey after 4294967296 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: rekey after 4294967296 blocks debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic debug1: Next authentication method: gssapi-keyex debug1: Authentication succeeded (gssapi-keyex). Authenticated to HOSTNAME ([HOSTIP]:22). debug1: Local connections to LOCALHOST:5901 forwarded to remote address localhost:5904 debug1: Local forwarding listening on 127.0.0.1 port 5901. debug1: channel 0: new [port listener] debug1: Local forwarding listening on ::1 port 5901. bind: Cannot assign requested address debug1: channel 1: new [client-session] debug1: Requesting no-more-sessions@openssh.com debug1: Entering interactive session. debug1: pledge: exec debug1: Requesting X11 forwarding with authentication spoofing. debug1: Requesting authentication agent forwarding.所以以上說明建立了SSH。當我執行安全副本(在我的本地)時,其格式如下:
scp -r -v USER1@HOSTNAME:FOLDERPATH ~/home/USER/folder我收到以下錯誤:
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic debug3: start over, passed a different list gssapi-keyex,gssapi-with-mic debug3: preferred publickey,keyboard-interactive,password debug1: No more authentication methods to try. user@domain: Permission denied (gssapi-keyex,gssapi-with-mic).我已經查看了主機和本地的配置文件,它們是以前的文章和主機推薦的。我嘗試使用我的 IP 地址並收到連接超時錯誤。當我得到以下資訊時,它似乎也不是關鍵錯誤:
debug1: Server host key: ssh-rsa SHA256:xn0AoXgnMHKa8f9z9a9bClSHotypJqbIz8Vrw6MxNTc debug3: hostkeys_foreach: reading file "/home/user/.ssh/known_hosts" debug3: record_hostkey: found key type RSA in file /home/user/.ssh/known_hosts:1 debug3: load_hostkeys: loaded 1 keys from host.com debug3: hostkeys_foreach: reading file "/home/user/.ssh/known_hosts" debug3: record_hostkey: found key type RSA in file /home/user/.ssh/known_hosts:2 debug3: load_hostkeys: loaded 1 keys from XXX.XXX.XX.XX debug1: Host 'host.com' is known and matches the RSA host key. debug1: Found key in /home/user/.ssh/known_hosts:1我的想法不多了,非常感謝一些指導。謝謝!
我的錯,對不起。這是一個問題:
debug1: Local forwarding listening on ::1 port 5901. bind: Cannot assign requested address debug1: channel 1: new [client-session]看起來您正在嘗試將 ssh 程序重新綁定到 ::1 埠 5901(通常用於 vnc),並且它已被另一個程序使用。
sudo netstat -anp | grep 5901或者
ss -tunap | grep 5901應該辨識過程。
使用的預設密鑰交換算法不兼容。如果您檢查 ssh_config 的聯機幫助頁,例如
$ man ssh_config並查找 GSSAPIKexAlgorithms,您會找到可能的選項。你像這樣應用它們
$ scp -o GSSAPIKexAlgorithms=gss-nistp256-sha256- -r -v USER1@HOSTNAME:FOLDERPATH ~/home/USER/folder