Ssh
ssh 客戶端未在埠 22 上嘗試公鑰身份驗證
我正在嘗試使用公鑰(DSA)從 Ubuntu 機器(Win 10 上的 VM)SSH 到 linux 伺服器。然而,即使我在 /etc/ssh/ssh_config 中添加了以下行,Ubuntu 上的 OpenSSH 客戶端也不會嘗試將公鑰作為身份驗證方法:
PubkeyAuthentication yes PubkeyAcceptedKeyTypes +ssh-dss..ssh 目錄的權限設置為 700,id_dsa 文件設置為 600。
這是調試日誌:
The authenticity of host '************' can't be established. RSA key fingerprint is SHA256:cPAuJmw7PjOgBYDN2TYfFscDVTbcsj0rT6HFJH9SDFI. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added '*****************' (RSA) to the list of known hosts. debug2: bits set: 4095/8192 debug3: send packet: type 21 debug2: set_newkeys: mode 1 debug1: rekey out after 4294967296 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug3: receive packet: type 21 debug1: SSH2_MSG_NEWKEYS received debug2: set_newkeys: mode 0 debug1: rekey in after 4294967296 blocks debug1: Will attempt key: .ssh/id_dsa explicit debug2: pubkey_prepare: done debug3: send packet: type 5 debug3: receive packet: type 6 debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug3: send packet: type 50 debug3: receive packet: type 51 debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic debug3: start over, passed a different list gssapi-keyex,gssapi-with-mic debug3: preferred gssapi-with-mic,publickey,keyboard-interactive,password debug3: authmethod_lookup gssapi-with-mic debug3: remaining preferred: publickey,keyboard-interactive,password debug3: authmethod_is_enabled gssapi-with-mic debug1: Next authentication method: gssapi-with-mic debug1: Unspecified GSS failure. Minor code may provide more information No Kerberos credentials available (default cache: FILE:/tmp/krb5cc_1000) debug1: Unspecified GSS failure. Minor code may provide more information No Kerberos credentials available (default cache: FILE:/tmp/krb5cc_1000) debug2: we did not send a packet, disable method debug1: No more authentication methods to try. *****************: Permission denied (gssapi-keyex,gssapi-with-mic).有人可以解釋為什麼 publickey 不在此處的身份驗證方法中:
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic提前致謝,
更新:
我在伺服器上的另一個埠(2222)上啟動了 sshd,然後我能夠連接。所以問題出在埠 22 上,由於某種原因,伺服器不允許公鑰身份驗證。使用埠 22 時,我在日誌中看到了這一點:
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic這裡伺服器不允許在埠 22 上對我的使用者 ID 進行公鑰身份驗證,但是伺服器允許在埠 2222 上進行公鑰身份驗證:
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic伺服器不允許在埠 22 上對我的使用者 ID 進行公鑰身份驗證的原因可能是什麼?
問題與我的網際網路連接有關 - 它不允許在埠 22 上進行公鑰身份驗證。切換到另一個連接後,SSH 公鑰身份驗證工作正常。