当我想运行此代码块时,我收到异常 Auth fail :
String remoteHostUserName = "me";
String remoteHostName = "xx.xxx.x.xx";
int port = 22;
String key = "/home/me/.ssh/id_rsa";
String deployPath = "/home/me/Schreibtisch/ssh_example";
JSch jsch=new JSch();
//creating the identity
jsch.addIdentity(key);
System.out.println("identity added ");
Session session=jsch.getSession(remoteHostUserName, remoteHostName, port);
System.out.println("session created.");
Properties config = new Properties();
config.put("StrictHostKeyChecking", "no");
session.setConfig(config);
session.connect();
我不想设置短语。
此处ls -l
文件夹的.ssh
:
drwxrwx--- 2 root me 4096 Jul 27 16:01 .ssh
最后是.ssh
文件夹中的长列表:
-rwxrw---- 1 root me 416 Jul 27 15:51 authorized_keys
-rwxrw---- 1 root me 1675 Jul 27 15:49 id_rsa
-rwxrw---- 1 root me 416 Jul 27 15:49 id_rsa.pub
-rw-r--r-- 1 root me 222 Jul 27 16:01 known_hosts
我复制了.pub
文件,并将其重命名为authorized_keys
。
我还在这里添加了一个记录器:
INFO: kex: server->client aes128-ctr hmac-sha1 none
INFO: kex: client->server aes128-ctr hmac-sha1 none
INFO: SSH_MSG_KEX_ECDH_INIT sent
INFO: expecting SSH_MSG_KEX_ECDH_REPLY
INFO: ssh_rsa_verify: signature true
WARN: Permanently added 'xx.xxx.x.xx' (RSA) to the list of known hosts.
INFO: SSH_MSG_NEWKEYS sent
INFO: SSH_MSG_NEWKEYS received
INFO: SSH_MSG_SERVICE_REQUEST sent
INFO: SSH_MSG_SERVICE_ACCEPT received
INFO: Authentications that can continue: publickey,keyboard-interactive,password
INFO: Next authentication method: publickey
INFO: Authentications that can continue: password
INFO: Next authentication method: password
INFO: Disconnecting from xx.xxx.x.xx port 22
Exception in thread "main" com.jcraft.jsch.JSchException: Auth fail
at com.jcraft.jsch.Session.connect(Session.java:512)
at com.jcraft.jsch.Session.connect(Session.java:183)
at SSHTestStandAlone.testConnection(SSHTestStandAlone.java:33)
at SSHTestStandAlone.main(SSHTestStandAlone.java:11)
我认为在密钥认证后JSch想要普通密码吗?
这里是shell中ssh -v命令的输出:
这里是ssh -v命令的输出:
florian@florian-HP-EliteBook-8540w:~$ ssh -v florian@xx.xxx.x.xx
OpenSSH_6.7p1 Ubuntu-5ubuntu1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to xx.xxx.x.xx [xx.xxx.x.xx] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /home/florian/.ssh/identity type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/florian/.ssh/identity-cert type -1
debug1: identity file /home/florian/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/florian/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/florian/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/florian/.ssh/id_dsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Ubuntu-5ubuntu1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7p1 Ubuntu-5ubuntu1
debug1: match: OpenSSH_6.7p1 Ubuntu-5ubuntu1 pat OpenSSH* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr umac-64-etm@openssh.com none
debug1: kex: client->server aes128-ctr umac-64-etm@openssh.com none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA
xx:xx:xx:xx:xx:xx
The authenticity of host 'xx.xxx.xx.x (xx.xxx.x.xx)' can't be established.
ECDSA key fingerprint is
xx:xx:xx:xx:xx:xx.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'xx.xxx.x.xx' (ECDSA) to the list of known hosts.
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/florian/.ssh/identity
debug1: Offering RSA public key: /home/florian/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/florian/.ssh/id_dsa
debug1: Next authentication method: password
非常感谢和亲切的问候, SirSandmann
答案 0 :(得分:1)
.ssh
文件夹和authorized_keys
文件除了您以外的任何人都无法写入。
确保你
chmod 700 .ssh
chmod 600 .ssh/authorized_keys
旁注(与问题无关):
您的私钥无法被其他任何人读取,但是您。你以这种方式危害你的安全。
另请注意,您不需要在服务器的~/.ssh
文件夹中连接到服务器的私钥。
下次,首先使用GUI客户端测试身份验证,检查您是否正确设置了身份验证。