Ubuntu
為什麼仍然提示我輸入 ssh 密碼?
當我從我的 Mac 12.6 系統 ssh 進入我的 Ubuntu 20.04.1 系統時,每次都會提示我輸入我的密鑰密碼,但不知道如何擺脫提示。下面是 Ubuntu 系統的輸出,我在調試模式下手動執行 sshd,但我對它顯示的內容不夠熟悉,無法確定問題所在。
root@dell:/etc/ssh# mkdir /var/run/sshd; chmod 0755 /var/run/sshd; /usr/sbin/sshd -d debug1: sshd version OpenSSH_8.2, OpenSSL 1.1.1f 31 Mar 2020 debug1: private host key #0: ssh-rsa SHA256:Qi+QfQXlZMNzXx2rc4lTr8Sa2n8NzGShKKlFHlgIJT4 debug1: private host key #1: ecdsa-sha2-nistp256 SHA256:XqYwNkxd/ELRRSp2tzfOAst5H+xwJUjZF95BfkCLIYk debug1: private host key #2: ssh-ed25519 SHA256:wIWr6ju0DTop8DTREi+uJPxvHJvT+eJxXFq/jgMaJFU debug1: rexec_argv[0]='/usr/sbin/sshd' debug1: rexec_argv[1]='-d' debug1: Set /proc/self/oom_score_adj from 0 to -1000 debug1: Bind to port 22 on 0.0.0.0. Server listening on 0.0.0.0 port 22. debug1: Bind to port 22 on ::. Server listening on :: port 22. debug1: Server will not fork when running in debugging mode. debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8 debug1: sshd version OpenSSH_8.2, OpenSSL 1.1.1f 31 Mar 2020 debug1: private host key #0: ssh-rsa SHA256:Qi+QfQXlZMNzXx2rc4lTr8Sa2n8NzGShKKlFHlgIJT4 debug1: private host key #1: ecdsa-sha2-nistp256 SHA256:XqYwNkxd/ELRRSp2tzfOAst5H+xwJUjZF95BfkCLIYk debug1: private host key #2: ssh-ed25519 SHA256:wIWr6ju0DTop8DTREi+uJPxvHJvT+eJxXFq/jgMaJFU debug1: inetd sockets after dupping: 3, 3 Connection from 192.168.1.9 port 63434 on 192.168.1.30 port 22 rdomain "" debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5 debug1: Remote protocol version 2.0, remote software version OpenSSH_8.6 debug1: match: OpenSSH_8.6 pat OpenSSH* compat 0x04000000 debug1: permanently_set_uid: 126/65534 [preauth] debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth] debug1: SSH2_MSG_KEXINIT sent [preauth] debug1: SSH2_MSG_KEXINIT received [preauth] debug1: kex: algorithm: curve25519-sha256 [preauth] debug1: kex: host key algorithm: ssh-ed25519 [preauth] debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none [preauth] debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none [preauth] debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth] debug1: rekey out after 134217728 blocks [preauth] debug1: SSH2_MSG_NEWKEYS sent [preauth] debug1: Sending SSH2_MSG_EXT_INFO [preauth] debug1: expecting SSH2_MSG_NEWKEYS [preauth] debug1: SSH2_MSG_NEWKEYS received [preauth] debug1: rekey in after 134217728 blocks [preauth] debug1: KEX done [preauth] debug1: userauth-request for user mth service ssh-connection method none [preauth] debug1: attempt 0 failures 0 [preauth] debug1: PAM: initializing for "mth" debug1: PAM: setting PAM_RHOST to "192.168.1.9" debug1: PAM: setting PAM_TTY to "ssh" debug1: userauth-request for user mth service ssh-connection method publickey [preauth] debug1: attempt 1 failures 0 [preauth] debug1: userauth_pubkey: test pkalg rsa-sha2-512 pkblob RSA SHA256:OZm4uD0KuWx6Z494aecU2mD4GmWpmujCXaZkE+D2icY [preauth] debug1: temporarily_use_uid: 1000/1000 (e=0/0) debug1: trying public key file /home/mth/.ssh/authorized_keys debug1: fd 4 clearing O_NONBLOCK debug1: /home/mth/.ssh/authorized_keys:1: matching key found: RSA SHA256:OZm4uD0KuWx6Z494aecU2mD4GmWpmujCXaZkE+D2icY debug1: /home/mth/.ssh/authorized_keys:1: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding Accepted key RSA SHA256:OZm4uD0KuWx6Z494aecU2mD4GmWpmujCXaZkE+D2icY found at /home/mth/.ssh/authorized_keys:1 debug1: restore_uid: 0/0 Postponed publickey for mth from 192.168.1.9 port 63434 ssh2 [preauth]我會很感激任何提示。謝謝你。
這本身並不是一個真正的問題 - 您在 Mac 系統上的私鑰受密碼保護,並且必須先解鎖該私鑰,然後才能將其送出給 Ubuntu 系統進行身份驗證。
你有兩個選擇——第一個是使用
ssh-agent和ssh-add解鎖私鑰一次到記憶體代理中,使用解鎖的代理向 Ubuntu 系統展示你的身份。這是“更好”的選項,因為它使身份受密碼保護。我用引號表示得更好,因為我覺得這個選項是否更好,因為它可以保證密鑰的安全或更糟,因為這意味著每次啟動系統時都需要額外的步驟來處理代理。$ eval `ssh-agent` Agent pid 123456 $ ssh-add Enter passphrase for /home/user/.ssh/id_rsa:每次執行
eval命令時,上面的代理 PID 都會改變。身份文件將是您儲存私人身份文件的位置,並且每次執行eval命令時都是相同的。第二種選擇是創建一個沒有密碼的新 SSH 密鑰對,將新的公鑰分發到您的 Ubuntu 系統,並使用未受保護的身份。