我希望我不会忽略答案,但是到目前为止,我似乎遇到了麻烦。我在Mac OS X和Ubuntu 12.04来宾系统上使用VirtualBox。虽然它可以很好地与密码验证一起使用,但不适用于密钥。我似乎找不到我的错误。
感谢您的帮助。提前致谢!
我收到以下信息:
myhost:~ myusername$ ssh -vp 3022 sshuser@192.168.56.1
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: /etc/ssh_config line 102: Applying options for *
debug1: Connecting to 192.168.56.1 [192.168.56.1] port 3022.
debug1: Connection established.
debug1: identity file /Users/myusername/.ssh/id_rsa type 1
debug1: identity file /Users/myusername/.ssh/id_rsa-cert type -1
debug1: identity file /Users/myusername/.ssh/id_dsa type -1
debug1: identity file /Users/myusername/.ssh/id_dsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.2p2 Ubuntu-6ubuntu0.4
debug1: match: OpenSSH_6.2p2 Ubuntu-6ubuntu0.4 pat OpenSSH*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5-etm@openssh.com none
debug1: kex: client->server aes128-ctr hmac-md5-etm@openssh.com none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA ed:7e:bb:97:27:dd:82:82:b7:52:f0:e6:de:0d:f3:0e
debug1: Host '[192.168.56.1]:3022' is known and matches the RSA host key.
debug1: Found key in /Users/myusername/.ssh/known_hosts:3
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/myusername/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Offering RSA public key: vmssh
debug1: Authentications that can continue: publickey
debug1: Trying private key: /Users/myusername/.ssh/id_dsa
debug1: No more authentication methods to try.
Permission denied (publickey).
到目前为止,我已经完成了以下工作:
0 post os install
$ adduser sshuser
1 backup config (remote host)
$ sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.backup
$ sudo chmod a-w /etc/ssh/sshd_config.backup
2. config (remote host)
$ sudo nano /etc/ssh/sshd_config
Port 22
PermitRootLogin no
AllowTcpForwarding no
X11Forwarding no
AllowUsers sshuser
LogLevel Verbose (/var/log/auth.log)
$ mkdir ~/.ssh
3. Generate and send keys (localhost)
if no .ssh dir:
$ mkdir ~/.ssh
$ chmod 700 ~/.ssh
$ ssh-keygen -t rsa -b 4096
$ ssh-add id_rsa
$ scp -P 3022 ~/.ssh/id_rsa.pub sshuser@localhost:/home/sshuser/.ssh/uploaded_key.pub
(remote host)
$ touch authorized_files
$ cat uploaded_key.pub >> authorized_files
$ chmod 600 authorized_files
$ sudo nano /etc/ssh/sshd_config
$ PasswordAuthentication no
$ sudo service ssh restart
(localhost)
$ ssh -p 3022 user@host
(where host = vboxeth ip 192.x.x.x)
更不用说文件名是错误的。你为什么不只是使用
—
迈克尔·汉普顿
ssh-copy-id呢?
那里可能有很多错误,但是应该是authorized_keys而不是authorized_files
—
barlop 2015年
谢谢大家的帮助。巴洛普的回答解决了这个问题。这是漫长的一天...您能给我一个答案,然后我才能投票赞成吗?:) EEAA,谢谢,由于我使用不同的适配器而使IP混乱。没关系,我使用NAT和端口转发。@MichaelHampton,请问“文件名错误”是什么意思?
—
Flynn 2015年
sshuser@192.168.56.1,但将密钥复制到sshuser@localhost。DERP。