1. Zuhause
  2. Frage und Antwort
  3. Server-Authentifizierung über SSH-Schlüssel schlägt fehl

Server-Authentifizierung über SSH-Schlüssel schlägt fehl

2017-08-30 2 views
-2

Ich habe versucht, auf meinem Server (CentOS) Authentifizierung für private/öffentliche Schlüssel einzurichten. Hier sind die Schritte, die ich gemacht:Server-Authentifizierung über SSH-Schlüssel schlägt fehl

  1. generierten ein öffentliches/privates Schlüsselpaar mit puttygen
  2. die öffentlichen Schlüsseln auf den Server kopiert und die beigefügten sie mit der Katze Befehl an die Datei /root/.ssh/authorized_keys
    3. Auf
  3. Datei Eigentümer und Berechtigungen für .ssh vorgeschlagen (700) und .ssh/authorized_keys (600)
  4. den sshd-Dienst neu gestartet
  5. im Putty Config unter Connection> SSH> Auth, ausgewählt, um die privat Schlüssel

Aber wenn ich versuche, mit Putty zu verbinden, bekomme ich die Nachricht "Server hat unseren Schlüssel abgelehnt". Ich werde dann zur Eingabe des Passworts aufgefordert, und das funktioniert.

Ich hob auch die Authentifizierungsprotokollebene, hier die Ausgabe für einen fehlgeschlagenen Versuch ist:

Aug 30 12:55:01 localhost sshd[44558]: debug3: fd 5 is not O_NONBLOCK 
Aug 30 12:55:01 localhost sshd[44558]: debug1: Forked child 44752. 
Aug 30 12:55:01 localhost sshd[44558]: debug3: send_rexec_state: entering fd = 8 config len 803 
Aug 30 12:55:01 localhost sshd[44558]: debug3: ssh_msg_send: type 0 
Aug 30 12:55:01 localhost sshd[44558]: debug3: send_rexec_state: done 
Aug 30 12:55:01 localhost sshd[44752]: debug3: oom_adjust_restore 
Aug 30 12:55:01 localhost sshd[44752]: Set /proc/self/oom_score_adj to 0 
Aug 30 12:55:01 localhost sshd[44752]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8 
Aug 30 12:55:01 localhost sshd[44752]: debug1: inetd sockets after dupping: 3, 3 
Aug 30 12:55:01 localhost sshd[44752]: Connection from 91.15.164.238 port 58557 on 82.165.78.188 port 22 
Aug 30 12:55:01 localhost sshd[44752]: debug1: Client protocol version 2.0; client software version PuTTY_Release_0.70 
Aug 30 12:55:01 localhost sshd[44752]: debug1: no match: PuTTY_Release_0.70 
Aug 30 12:55:01 localhost sshd[44752]: debug1: Enabling compatibility mode for protocol 2.0 
Aug 30 12:55:01 localhost sshd[44752]: debug1: Local version string SSH-2.0-OpenSSH_6.6.1 
Aug 30 12:55:01 localhost sshd[44752]: debug2: fd 3 setting O_NONBLOCK 
Aug 30 12:55:01 localhost sshd[44752]: debug3: ssh_sandbox_init: preparing rlimit sandbox 
Aug 30 12:55:01 localhost sshd[44752]: debug2: Network child is on pid 44753 
Aug 30 12:55:01 localhost sshd[44752]: debug3: preauth child monitor started 
Aug 30 12:55:01 localhost sshd[44752]: debug1: SELinux support disabled [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: privsep user:group 74:74 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug1: permanently_set_uid: 74/74 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug1: list_hostkey_types: ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug1: SSH2_MSG_KEXINIT sent [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug1: SSH2_MSG_KEXINIT received [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: none,[email protected] [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: none,[email protected] [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: first_kex_follows 0 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: reserved 0 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,rsa2048-sha256,rsa1024-sha1,diffie-hellman-group1-sha1 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: ssh-rsa,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-dss [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: aes256-ctr,aes256-cbc,[email protected],aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,[email protected],blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: aes256-ctr,aes256-cbc,[email protected],aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,[email protected],blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,[email protected],[email protected],[email protected],[email protected] [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,[email protected],[email protected],[email protected],[email protected] [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: none,zlib [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: none,zlib [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: first_kex_follows 0 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: reserved 0 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: mac_setup: setup hmac-sha2-256 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug1: kex: client->server aes256-ctr hmac-sha2-256 none [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: mac_setup: setup hmac-sha2-256 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug1: kex: server->client aes256-ctr hmac-sha2-256 none [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug1: kex: [email protected] need=32 dh_need=32 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_send entering: type 120 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_receive_expect entering: type 121 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_receive entering [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_receive entering 
Aug 30 12:55:01 localhost sshd[44752]: debug3: monitor_read: checking request 120 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_send entering: type 121 
Aug 30 12:55:01 localhost sshd[44752]: debug1: kex: [email protected] need=32 dh_need=32 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_send entering: type 120 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_receive_expect entering: type 121 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_receive entering [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_receive entering 
Aug 30 12:55:01 localhost sshd[44752]: debug3: monitor_read: checking request 120 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_send entering: type 121 
Aug 30 12:55:01 localhost sshd[44752]: debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_key_sign entering [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_send entering: type 6 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_key_sign: waiting for MONITOR_ANS_SIGN [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_receive_expect entering: type 7 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_receive entering [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_receive entering 
Aug 30 12:55:01 localhost sshd[44752]: debug3: monitor_read: checking request 6 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_answer_sign 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_answer_sign: signature 0x7f0b70e15390(271) 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_send entering: type 7 
Aug 30 12:55:01 localhost sshd[44752]: debug2: monitor_read: 6 used once, disabling now 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_derive_keys [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: set_newkeys: mode 1 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug1: SSH2_MSG_NEWKEYS sent [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug1: expecting SSH2_MSG_NEWKEYS [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: set_newkeys: mode 0 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug1: SSH2_MSG_NEWKEYS received [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug1: KEX done [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug1: userauth-request for user root service ssh-connection method none [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug1: attempt 0 failures 0 [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_getpwnamallow entering [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_send entering: type 8 [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_receive_expect entering: type 9 [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_receive entering [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_receive entering 
Aug 30 12:55:04 localhost sshd[44752]: debug3: monitor_read: checking request 8 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_answer_pwnamallow 
Aug 30 12:55:04 localhost sshd[44752]: debug3: Trying to reverse map address 91.15.164.238. 
Aug 30 12:55:04 localhost sshd[44752]: debug2: parse_server_config: config reprocess config len 803 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_send entering: type 9 
Aug 30 12:55:04 localhost sshd[44752]: debug2: monitor_read: 8 used once, disabling now 
Aug 30 12:55:04 localhost sshd[44752]: debug2: input_userauth_request: setting up authctxt for root [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_start_pam entering [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_send entering: type 100 [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_inform_authserv entering [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_send entering: type 4 [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_inform_authrole entering [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_send entering: type 80 [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug2: input_userauth_request: try method none [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: userauth_finish: failure partial=0 next methods="publickey,gssapi-keyex,gssapi-with-mic,password" [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_receive entering 
Aug 30 12:55:04 localhost sshd[44752]: debug3: monitor_read: checking request 100 
Aug 30 12:55:04 localhost sshd[44752]: debug1: PAM: initializing for "root" 
Aug 30 12:55:04 localhost sshd[44752]: debug1: PAM: setting PAM_RHOST to "p5b0fa4ee.dip0.t-ipconnect.de" 
Aug 30 12:55:04 localhost sshd[44752]: debug1: PAM: setting PAM_TTY to "ssh" 
Aug 30 12:55:04 localhost sshd[44752]: debug2: monitor_read: 100 used once, disabling now 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_receive entering 
Aug 30 12:55:04 localhost sshd[44752]: debug3: monitor_read: checking request 4 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_answer_authserv: service=ssh-connection, style= 
Aug 30 12:55:04 localhost sshd[44752]: debug2: monitor_read: 4 used once, disabling now 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_receive entering 
Aug 30 12:55:04 localhost sshd[44752]: debug3: monitor_read: checking request 80 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_answer_authrole: role= 
Aug 30 12:55:04 localhost sshd[44752]: debug2: monitor_read: 80 used once, disabling now 
Aug 30 12:55:04 localhost sshd[44752]: debug1: userauth-request for user root service ssh-connection method publickey [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug1: attempt 1 failures 0 [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug2: input_userauth_request: try method publickey [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug1: test whether pkalg/pkblob are acceptable [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_key_allowed entering [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_send entering: type 22 [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_receive_expect entering: type 23 [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_receive entering [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_receive entering 
Aug 30 12:55:04 localhost sshd[44752]: debug3: monitor_read: checking request 22 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_answer_keyallowed entering 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_answer_keyallowed: key_from_blob: 0x7f0b70e1ca10 
Aug 30 12:55:04 localhost sshd[44752]: debug1: temporarily_use_uid: 0/0 (e=0/0) 
Aug 30 12:55:04 localhost sshd[44752]: debug1: trying public key file /root/.ssh/authorized_keys 
Aug 30 12:55:04 localhost sshd[44752]: debug1: fd 4 clearing O_NONBLOCK 
Aug 30 12:55:04 localhost sshd[44752]: debug2: key_type_from_name: unknown key type '----' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing keytype 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: check options: '---- BEGIN SSH2 PUBLIC KEY ----\r\n' 
Aug 30 12:55:04 localhost sshd[44752]: debug2: key_type_from_name: unknown key type 'BEGIN' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing keytype 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: advance: 'BEGIN SSH2 PUBLIC KEY ----\r\n' 
Aug 30 12:55:04 localhost sshd[44752]: debug2: key_type_from_name: unknown key type 'Comment:' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing keytype 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: check options: 'Comment: "rsa-key-20170830"\r\n' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing whitespace 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: advance: '"rsa-key-20170830"\r\n' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing whitespace 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: check options: 'AAAAB3NzaC1yc2EAAAABJQAAAQEAkO9lXNIVuohGAOsCQy+NDIJv7a+a6z6ekmSp\r\n' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing whitespace 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: advance: '' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing whitespace 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: check options: 'HfFduHAvOadeX/HDidL1696CVOHjX8fJ7ITTCaFl2ljI06lobZ2baDAsezpMhut9\r\n' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing whitespace 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: advance: '' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing whitespace 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: check options: 'xmovTOmTJK3pOAI9E1S3Hmhum0QViFsE5oCiMHwZixLmWoeZt09ZwSZyQZAvtHTU\r\n' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing whitespace 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: advance: '' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing whitespace 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: check options: '73bviqiky/j2xYpG+5QKyViyCEAa6KbJKnGpLw8UTf0rEBhUES9wLBt4vU3AZuQd\r\n' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing whitespace 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: advance: '' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing whitespace 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: check options: 'evfZSr3lDBlCCdX3vyJJP8m4x3+8YMSvJSfKa9MErWpxjNE+4GMhyexNILSP+lgy\r\n' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing whitespace 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: advance: '' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing whitespace 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: check options: '5tqWIehpSekThkJLpi0KPvGiK/bm7oXMVNLN0KdLAf/MKUzB9w==\r\n' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing whitespace 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: advance: '' 
Aug 30 12:55:04 localhost sshd[44752]: debug2: key_type_from_name: unknown key type '----' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing keytype 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: check options: '---- END SSH2 PUBLIC KEY ----\r\n' 
Aug 30 12:55:04 localhost sshd[44752]: debug2: key_type_from_name: unknown key type 'END' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing keytype 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: advance: 'END SSH2 PUBLIC KEY ----\r\n' 
Aug 30 12:55:04 localhost sshd[44752]: debug2: key not found 
Aug 30 12:55:04 localhost sshd[44752]: debug1: restore_uid: 0/0 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_answer_keyallowed: key 0x7f0b70e1ca10 is not allowed 
Aug 30 12:55:04 localhost sshd[44752]: Failed publickey for root from 91.15.164.238 port 58557 ssh2: RSA 4c:13:08:b4:06:eb:ea:98:54:69:50:3e:cf:22:9e:da 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_send entering: type 23 
Aug 30 12:55:04 localhost sshd[44752]: debug2: userauth_pubkey: authenticated 0 pkalg ssh-rsa [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: userauth_finish: failure partial=0 next methods="publickey,gssapi-keyex,gssapi-with-mic,password" [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug1: userauth-request for user root service ssh-connection method gssapi-with-mic [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug1: attempt 2 failures 1 [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug2: input_userauth_request: try method gssapi-with-mic [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_send entering: type 42 [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_receive_expect entering: type 43 [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_receive entering [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_receive entering 
Aug 30 12:55:04 localhost sshd[44752]: debug3: monitor_read: checking request 42 
Aug 30 12:55:04 localhost sshd[44752]: debug1: Unspecified GSS failure. Minor code may provide more information\nKey table file '/etc/krb5.keytab' not found\n 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_send entering: type 43 
Aug 30 12:55:04 localhost sshd[44752]: debug3: userauth_finish: failure partial=0 next methods="publickey,gssapi-keyex,gssapi-with-mic,password" [preauth]

Quelle

2017-08-30 Benni

+0

Es wird von Art würde, wenn die downvoters geben kann mir einen Hinweis, warum sie diese Frage downvote, danke! – Benni

+0

Ich habe nicht downvote .. aber ... https://stackoverflow.com/questions/2224066/how-to-convert-ssh-keypairs-generated-using-puttygenwindows-into-key-pairs-use – ilansch

+0

@ilansch OK Das ist eine bessere und umfassendere Antwort, aber die Frage war anders. – Benni

Antwort

0

Hier ist der Grund, warum es nicht funktioniert. Wie zahlreiche Schritt-für-Schritt-Anleitungen vorschlagen, sollte man die öffentliche Schlüsseldatei, kopieren Sie sie auf dem Server erzeugen und dann den öffentlichen Schlüssel anhängen an die authorized_keys mit der Katze Befehl wie diese Datei:

cat id_rsa.mypublickey.pub >> ~/.ssh/authorized_keys

Im In meinem Fall habe ich PuTTYgen verwendet, um die Schlüssel zu generieren. Aber die resultierende öffentliche Schlüsseldatei (diejenige, die gespeichert wird, wenn Sie die Schaltfläche zum Speichern verwenden) war nicht syntaktisch anwendbar für das Anhängen an authorized_keys.

Um eine korrekte Formatierung öffentlichen Schlüssel String zu erhalten, kopieren & den erzeugten Code-Schnipsel aus dem PuTTYgen Fenster eine neue Linie in der ~/.ssh/authorized_keys-Datei einfügen. Eine korrekte formatierte Zeile wie folgt aussieht, aber die Syntax erlaubt Kommentare und mehr auch:

ssh-rsa AAAAB3NzaEAAAAB/*...more letters...*/cPogeHB2XQBQ== rsa-key-20170831

Um die privaten Schlüssel in einem Format, die Sie mit anderen ssh-Agenten als Putty verwenden können, können Sie Verwenden Sie PuTTYgens Konvertierungsoption und speichern Sie den Schlüssel im OpenSSH-Format.

als Benutzer ilansch vorgeschlagen wird umfassendere Informationen finden Sie hier: How to convert SSH keypairs generated using PuttyGen(Windows) into key-pairs used by ssh-agent and KeyChain(Linux)

Quelle

2017-08-31 06:13:54 Benni

Verwandte Themen

 Verwandte Themen