尝试通过SSH进入服务器并获取key_load_public:无此类文件或目录错误

43

我从Mac创建了到我的远程服务器的无密码ssh连接。它起作用了(!),然后我关闭了终端,重新打开它,再次尝试,并得到了以下信息(用户名,my_ip不是真实的):

ssh -vvv username@my_ip
OpenSSH_7.2p2, LibreSSL 2.4.1
debug1: Reading configuration data /Users/Me/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 20: Applying options for *
debug1: /etc/ssh/ssh_config line 53: Applying options for *
debug2: resolving "my_ip" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to my_ip [my_ip] port 22.
debug1: Connection established.
debug1: identity file /Users/Me/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/Me/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/Me/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/Mes/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/Me/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/Me/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/Me/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/Me/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2
ssh_exchange_identification: read: Connection reset by peer

当我检查我的.ssh文件夹时,id_rsa有没有其他文件夹。从错误中看来,我需要以某种方式创建这些文件,但不确定如何创建。

任何帮助,将不胜感激。

ssh 
埃里克
source
1
有实际问题吗?例如,您实际上是否无法登录?您可以编辑问题以包括完整的调试输出,而不仅仅是第一部分吗?
肯斯特,2016年
是; 我很抱歉!我无法登录-之前我已经放弃了最后一行(也许是最重要的?)。
埃里克

Answers:

51 
debug1: key_load_public: No such file or directory

上面的行不是错误,而只是简单的调试日志,它表示ssh客户端无法找到单独的公共密钥(名为~/.ssh/id_rsa.pub)。该文件不需要连接到远程服务器,但它可能很有用。

实际误差

ssh_exchange_identification: read: Connection reset by peer

指向服务器配置错误。服务器正在运行,但是无法接受SSH连接。检查服务器日志以获取更多信息。类似问题

贾库耶
source
该链接非常有帮助。而且,事实证明,我实际上已被列入黑名单(在测试某些东西时,我已经多次将其SSH到服务器中。)
Eric
1
我的问题是堡垒主机更改了IP地址,并且known_hosts在我的Mac上不正确...它显示@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @...它显示了行号~/.ssh/known_hosts:238。因此,我从Mac上的known_hosts文件中删除了该行(在本例中为238),然后尝试再次成功连接。
Marcello de Sales
3

问题:堡垒主机IP不匹配 ~/.ssh/known_hosts

known_hosts堡垒的IP地址更改时,我的文件已旧...

$ ssh 10.82.49.24
ssh_exchange_identification: Connection closed by remote host

没有给我任何信息。查看详细输出会得出相同的结果:

$ ssh -v 10.82.49.24
OpenSSH_7.4p1, LibreSSL 2.5.0
debug1: Reading configuration data /Users/mdesales/.ssh/config
debug1: /Users/mdesales/.ssh/config line 1: Applying options for 10.82.*.*
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Executing proxy command: exec ssh -q -W 10.82.49.24:22 ec2-user@bastion-vpc-xxxxxx.config-yyyyyyy.com -i ~/.ssh/xxxconfig-xxxx.pem
debug1: key_load_public: No such file or directory
debug1: identity file ~/.ssh/xxxconfig-xxxx.pem
debug1: key_load_public: No such file or directory
debug1: identity file ~/.ssh/xxxconfig-xxxx.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: permanently_drop_suid: 1647059022
ssh_exchange_identification: Connection closed by remote host

此时,由于它是通过堡垒到另一主机的代理,因此我可以看到堡垒是一个问题:

$ ssh ec2-user@bastion-vpc-xxxxxx.config-yyyyyyy.com -i ~/.ssh/xxxconfig-xxxx.pem
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:Z8X1UlIgQ94BKJ7NA/oQi7v0NL4IlFeO7Ou4j76Zphk.
Please contact your system administrator.
Add correct host key in /Users/mdesales/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /Users/mdesales/.ssh/known_hosts:238
ECDSA host key for ec2-user@bastion-vpc-xxxxxx.config-yyyyyyy.com has changed and you have requested strict checking.
Host key verification failed.

删除行238上的条目解决了该问题...我可以通过SSH进入堡垒,也可以通过SSH进入主机。

$ vim /Users/mdesales/.ssh/known_hosts

$ ssh ec2-user@bastion-vpc-xxxxxx.config-yyyyyyy.com -i ~/.ssh/xxxconfig-xxxx.pem
The authenticity of host 'ec2-user@bastion-vpc-xxxxxx.config-yyyyyyy.com (34.x.x.y)' can't be established.
ECDSA key fingerprint is SHA256:Z8X1UlIgQ94BKJ7NA/oQi7v0NL4IlFeO7Ou4j76Zphk.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ec2-user@bastion-vpc-xxxxxx.config-yyyyyyy.com -i ~/.ssh/xxxconfig-xxxx.pem,34.213.y.x' (ECDSA) to the list of known hosts.
********************************************************************************
This is a private computer system containing information that is proprietary
and confidential to the owner of the system.  Only individuals or entities
authorized by the owner of the system are allowed to access or use the system.
Any unauthorized access or use of the system or information is strictly
prohibited.

All violators will be prosecuted to the fullest extent permitted by law.
********************************************************************************
Last login: Wed Aug  2 20:35:55 2017 from 10.81.31.115
[ec2-user@ip-10-82-50-142 ~]$
Marcello de Sales
source
1

今天发生在我身上。

通过断开我的WLAN并重新连接来解决。是的,这听起来很愚蠢,但是至少在一个WLAN上,这没有任何充分的理由而发生。

观星者
source
0

同样的问题,只需在此处发布解决方案

/etc/hosts.deny使用以下方法删除您的IP :

nano /etc/hosts.deny
王勤
source
By using our site, you acknowledge that you have read and understand our Cookie Policy and Privacy Policy.
Licensed under cc by-sa 3.0 with attribution required.