OpenSSH 无法提供密钥,即使 SSH-Add 可以添加新密钥
OpenSSH is Unable to Offer Key even though SSH-Add Works to Add New Key
所以我最近在使用旧工作笔记本电脑时遇到了问题,出于管理目的需要访问资产和公司实例。我安装了 OpenSSH,并且可以在 Powershell 中正常使用它,但由于某些奇怪的原因,我的配置、密钥不起作用。为什么我无法加载我的密钥并获得访问权限,但如果我使用 Pageant 将其转换为 PK 文件,它就可以工作了。
密钥最初是在 Macbook 上制作的,然后我将其转移到我的 windows 主机上。
OpenSSH 将在 Windows 上工作,但不会提供正确的密钥。
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:
debug3: hostkeys_foreach: reading file "/dev/null"
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts2 error:2
Warning: Permanently added 'XXX.XX.XX.XX' (ECDSA) to the list of known hosts.
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug2: key: C:\Users\richard.barrett/\.ssh\Mirantis\id_rsa (00000145F1EB10A0), explicit, agent
debug2: key: C:\Users\richard.barrett/.ssh/Mirantis/id_rsa (00000145F1EB1650)
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 53
debug3: input_userauth_banner
=================================== WARNING ====================================
You have accessed a computer managed by Mirantis INC.
You are required to have authorization from Mirantis INC
before you proceed and you are strictly limited to use set out within that
authorization. Unauthorized access to or misuse of this system is prohibited
and constitutes an offence under the Computer Misuse Act 1990.
If you disclose any information obtained through this system without authority
================================================================================
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:
C:\Users\richard.barrett/\.ssh\Mirantis\id_rsa
debug3: send_pubkey_test
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug1: Offering public key: RSA SHA256:
C:\Users\richard.barrett/.ssh/Mirantis/id_rsa
debug3: send_pubkey_test
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
delvalle_tc\richard.barrett@XXX.XX.XX.XXX\: Permission denied (publickey).
但是当我使用 putty gen 转换它时它会起作用吗?
我有两个 openssh 密钥
~\.ssh\id_rsa
~\.ssh\Mirantis\id_rsa
如何在两个键之间切换?
此外,如何在我的新 windows 主机上使用我的 macbook 中的旧配置?
OpenSSH 一直使用不同的配置文件,考虑到我从未尝试在两个不同的 OS 主机之间传输密钥,我设法在它冻结之前从我的旧 macbook 中复制了旧密钥,我很好奇这是否正常我的 ~.ssh 文件夹中已经有一个不同的密钥 我创建了一个 ~\.ssh\Mirantis\ 文件夹,但尽管我更改了 C:\ProgramData\ssh
中的 ssh_config,它仍然提供主密钥
我尝试按照此处的说明进行操作,但实际上并没有提供任何关于如何在 Windows 中将 ssh_config 设置为导入的 config 的方法:https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_server_configuration
好吧好吧,我觉得很愚蠢并解决了它。
由于以下问题,我的权限一直被拒绝:
delvalle_tc\richard.barrett@XXX.XX.XX.XXX\: Permission denied (publickey).
我正在使用
ssh ip_address
解决方案:
ssh-add <file_path>
ssh user@ip_address
我没有考虑到我的用户名不是 richard.barrett,它试图通过这个而不是使用 rbarrett。
所以我最近在使用旧工作笔记本电脑时遇到了问题,出于管理目的需要访问资产和公司实例。我安装了 OpenSSH,并且可以在 Powershell 中正常使用它,但由于某些奇怪的原因,我的配置、密钥不起作用。为什么我无法加载我的密钥并获得访问权限,但如果我使用 Pageant 将其转换为 PK 文件,它就可以工作了。
密钥最初是在 Macbook 上制作的,然后我将其转移到我的 windows 主机上。 OpenSSH 将在 Windows 上工作,但不会提供正确的密钥。
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:
debug3: hostkeys_foreach: reading file "/dev/null"
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts2 error:2
Warning: Permanently added 'XXX.XX.XX.XX' (ECDSA) to the list of known hosts.
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug2: key: C:\Users\richard.barrett/\.ssh\Mirantis\id_rsa (00000145F1EB10A0), explicit, agent
debug2: key: C:\Users\richard.barrett/.ssh/Mirantis/id_rsa (00000145F1EB1650)
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 53
debug3: input_userauth_banner
=================================== WARNING ====================================
You have accessed a computer managed by Mirantis INC.
You are required to have authorization from Mirantis INC
before you proceed and you are strictly limited to use set out within that
authorization. Unauthorized access to or misuse of this system is prohibited
and constitutes an offence under the Computer Misuse Act 1990.
If you disclose any information obtained through this system without authority
================================================================================
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:
C:\Users\richard.barrett/\.ssh\Mirantis\id_rsa
debug3: send_pubkey_test
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug1: Offering public key: RSA SHA256:
C:\Users\richard.barrett/.ssh/Mirantis/id_rsa
debug3: send_pubkey_test
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
delvalle_tc\richard.barrett@XXX.XX.XX.XXX\: Permission denied (publickey).
但是当我使用 putty gen 转换它时它会起作用吗? 我有两个 openssh 密钥
~\.ssh\id_rsa
~\.ssh\Mirantis\id_rsa
如何在两个键之间切换?
此外,如何在我的新 windows 主机上使用我的 macbook 中的旧配置?
OpenSSH 一直使用不同的配置文件,考虑到我从未尝试在两个不同的 OS 主机之间传输密钥,我设法在它冻结之前从我的旧 macbook 中复制了旧密钥,我很好奇这是否正常我的 ~.ssh 文件夹中已经有一个不同的密钥 我创建了一个 ~\.ssh\Mirantis\ 文件夹,但尽管我更改了 C:\ProgramData\ssh
ssh_config,它仍然提供主密钥
我尝试按照此处的说明进行操作,但实际上并没有提供任何关于如何在 Windows 中将 ssh_config 设置为导入的 config 的方法:https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_server_configuration
好吧好吧,我觉得很愚蠢并解决了它。 由于以下问题,我的权限一直被拒绝:
delvalle_tc\richard.barrett@XXX.XX.XX.XXX\: Permission denied (publickey).
我正在使用
ssh ip_address
解决方案:
ssh-add <file_path>
ssh user@ip_address
我没有考虑到我的用户名不是 richard.barrett,它试图通过这个而不是使用 rbarrett。