У меня проблема, когда я пытаюсь подключиться к моему серверу с помощью закрытого ключа RSA. Я получаю ошибку «Отказано в доступе», за которой следует «Слишком много ошибок аутентификации для [пользователя]».
Примечание. Ключ rsa id_linux имеет разрешения 600.
Вот вывод оболочки:
$ ssh -v comics
OpenSSH_4.7p1 Debian-8ubuntu1.2, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Applying options for comics
debug1: Connecting to [site] [site's IP] port 2222.
debug1: Connection established.
debug1: identity file /home/ryan/Desktop/Storage/id_linux type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1.2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client 3des-cbc hmac-md5 none
debug1: kex: client->server 3des-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '[site]:2222' is known and matches the RSA host key.
debug1: Found key in /home/ryan/.ssh/known_hosts:3
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /home/ryan/Desktop/Storage/id_linux
Enter passphrase for key '/home/ryan/Desktop/Storage/id_linux':
Enter passphrase for key '/home/ryan/Desktop/Storage/id_linux':
Enter passphrase for key '/home/ryan/Desktop/Storage/id_linux':
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: password
[user]@[site]'s password:
debug1: Authentications that can continue: publickey,password,keyboard-interactive
Permission denied, please try again.
[user]@[site]'s password:
Received disconnect from [site's IP]: 2: Too many authentication failures for [user]
Вот как выглядит мой файл ssh_config.
Host comics
HostName [site]
IdentityFile ~/Desktop/Storage/id_linux
IdentitiesOnly yes
PubkeyAuthentication yes
User [user]
Port 2222
Я пытался создать новый ключ, но это не сработало. У меня все еще та же проблема.
Спасибо за вашу помощь!
РЕДАКТИРОВАТЬ: Вот ключевой заголовок.
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,A9C39F2105CA158B
EDIT2: Вот вывод комиксов ssh -vvv. Примечание: я использую putty для доступа к Linux-машине, с которой я работаю. Кроме того, я создал новый ключ, чтобы убедиться, что я использовал правильную фразу-пароль.
login as: ryan
ryan@192.168.0.20's password:
Linux krypton 2.6.24-28-server #1 SMP Fri Jun 18 12:44:06 UTC 2010 i686
The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.
To access official Ubuntu documentation, please visit:
http://help.ubuntu.com/
Last login: Sun May 22 05:31:30 2016 from 192.168.0.12
ryan@krypton:~$ ssh -vvv comics
OpenSSH_4.7p1 Debian-8ubuntu1.2, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Applying options for comics
debug2: ssh_connect: needpriv 0
debug1: Connecting to [site] [site's IP] port 2222.
debug1: Connection established.
debug1: identity file /home/ryan/Desktop/Storage/id_comics type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1.2
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie- hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes256-ctr,arcfour256,arcfour,3des-cbc
debug2: kex_parse_kexinit: aes128-ctr,aes256-ctr,arcfour256,arcfour,3des-cbc
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: server->client 3des-cbc hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server 3des-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 185/384
debug2: bits set: 1025/2048
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: put_host_port: [site's IP]:2222
debug3: put_host_port: [site]:2222
debug3: check_host_in_hostfile: filename /home/ryan/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 3
debug3: check_host_in_hostfile: filename /home/ryan/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 4
debug1: Host '[site]:2222' is known and matches the RSA host key.
debug1: Found key in /home/ryan/.ssh/known_hosts:3
debug2: bits set: 1019/2048
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/ryan/Desktop/Storage/id_comics ((nil))
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: start over, passed a different list publickey,password,keyboard-interactive
debug3: preferred gssapi-keyex,gssapi-with-mic,gssapi,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/ryan/Desktop/Storage/id_comics
Enter passphrase for key '/home/ryan/Desktop/Storage/id_comics':
debug2: bad passphrase given, try again...
Enter passphrase for key '/home/ryan/Desktop/Storage/id_comics':
Что
—
Jakuje
/home/ryan/Desktop/Storage/id_linux
(Заголовок)? Разве это не замазка формата ключа? - Якудже вчера
@Serge Ключ был создан на целевом хосте и скопирован на компьютер, который я использую.
—
nryan
@Jakuje Я разместил заголовок моего ключевого файла.
—
nryan
Ты не ответил на мой вопрос. Что у вас есть в файле
—
Serge
~/.ssh/authorized_keys
на хосте вы подключаетесь?
id_linux.pub
в~/.ssh/authorized_keys
файл на целевом хосте?