不能ssh到localhost,感觉我已经尝试了stackoverflow上的所有内容。我一直在玩ssh_config试图解决我的问题,但我仍然得到“远程主机关闭连接”或类似“可以继续的身份验证:publickey。调试1:没有更多的身份验证方法可以尝试”取决于我的设置
以下是我目前看到的内容:
$ ssh -v localhost
OpenSSH_6.9p1, LibreSSL 2.1.8
debug1: Reading configuration data /Users/<user>/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 20: Applying options for *
debug1: /etc/ssh/ssh_config line 102: Applying options for *
debug1: Connecting to localhost [::1] port 22.
debug1: Connection established.
debug1: identity file /Users/<user>/.ssh/id_rsa type 1
debug1: identity file /Users/<user>/.ssh/id_rsa-cert type 5
debug1: identity file /Users/user/.ssh/id_dsa type 2
debug1: identity file /Users/user/.ssh/id_dsa-cert type 6
debug1: identity file /Users/user/.ssh/id_ecdsa type 3
debug1: identity file /Users/user/.ssh/id_ecdsa-cert type 7
debug1: identity file /Users/user/.ssh/id_ed25519 type 4
debug1: identity file /Users/user/.ssh/id_ed25519-cert type 8
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.9
ssh_exchange_identification: Connection closed by remote host
我当前设置的etc / ssh / ssh_config是:
This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.
# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.
# Site-wide defaults for some commonly used options. For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.
Host *
SendEnv LANG LC_*
# Configuration options and default values (see ssh_config(5) for their meaning):
#
# Host # (no default)
# AddressFamily any
# AskPassGUI yes # (Apple only)
# BatchMode no
# BindAddress # (no default)
# ChallengeResponseAuthentication yes
# CheckHostIP yes
# Cipher 3des
# ClearAllForwardings no
# Compression no
# CompressionLevel 6
# ConnectionAttempts 1
# ConnectTimeout # (no default)
# ControlMaster no
# ControlPath # (no default)
# ControlPersist no
# DynamicForward
# EnableSSHKeysign no
# EscapeChar ~
# ExitOnForwardFailure no
# ForwardAgent no
# ForwardX11 no
# ForwardX11Timeout 1200
# ForwardX11Trusted no
# XauthLocation xauth # Default is to search $PATH. It is recommended that a full path be provided.
# GatewayPorts no
# GlobalKnownHostsFile /etc/ssh/ssh_known_hosts,/etc/ssh/ssh_known_hosts2
GSSAPIAuthentication yes
GSSAPIDelegateCredentials yes
# GSSAPIKeyExchange no
GSSAPITrustDNS yes
# HashKnownHosts no
# HostbasedAuthentication no
# HostKeyAlgorithms ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss
# HostKeyAlias # (no default)
# HostName # (set by command at run-time)
# IdentitiesOnly no
# IdentityFile .ssh/id_rsa,.ssh/id_dsa
# IPQoS lowdelay
# KbdInteractiveAuthentication yes
# KbdInteractiveDevices # (no default)
# KexAlgorithms ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
# LocalCommand # (no default)
# LocalForward # (no default)
# LogLevel INFO
# NoHostAuthenticationForLocalhost no
# NumberOfPasswordPrompts 3
# PasswordAuthentication yes
# PermitLocalCommand no
# PKCS11Provider # (no default)
# Port 22
# PreferredAuthentications gssapi-with-mic,hostbased,publickey,keyboard-interactive,password # (set by ssh at run-time)
# Protocol 2
# ProxyCommand # (no default)
# PubkeyAuthentication yes
# RekeyLimit 0
# RemoteForward # (no default)
# RequestTTY auto
# RhostsRSAAuthentication no
# RSAAuthentication yes
# SendEnv # (no default)
# ServerAliveCountMax 3
# ServerAliveInterval 0
# StrictHostKeyChecking ask
# TCPKeepAlive yes
# Tunnel no
# TunnelDevice any:any
# UsePrivilegedPort no
# User # (set by command at run-time)
# UserKnownHostsFile ~/.ssh/known_hosts,~/.ssh/known_hosts2
# VerifyHostKeyDNS no
# VisualHostKey no
# XAuthLocationi xauth
# XAuthLocation added by XQuartz (http://www.xquartz.org)
Host *
XAuthLocation /opt/X11/bin/xauth
根据其他堆栈溢出答案,我的权限看起来不错
-rw-r--r-- 1 root wheel 3953 Jun 4 21:23 ssh_config
-rw-r--r-- 1 root wheel 4219 Jun 4 21:32 ssh_config~
-rw-r--r-- 1 root wheel 1624 Jan 21 17:10 ssh_config~orig
-rw------- 1 root wheel 668 Feb 26 07:39 ssh_host_dsa_key
-rw-r--r-- 1 root wheel 590 Feb 26 07:39 ssh_host_dsa_key.pub
-rw------- 1 root wheel 227 May 29 19:20 ssh_host_ecdsa_key
-rw-r--r-- 1 root wheel 162 May 29 19:20 ssh_host_ecdsa_key.pub
-rw------- 1 root wheel 387 May 29 19:20 ssh_host_ed25519_key
-rw-r--r-- 1 root wheel 82 May 29 19:20 ssh_host_ed25519_key.pub
-rw------- 1 root wheel 965 Feb 26 07:39 ssh_host_key
-rw-r--r-- 1 root wheel 630 Feb 26 07:39 ssh_host_key.pub
-rw------- 1 root wheel 1675 Feb 26 07:39 ssh_host_rsa_key
-rw-r--r-- 1 root wheel 382 Feb 26 07:39 ssh_host_rsa_key.pub
-rw-r--r-- 1 root wheel 4216 Jun 4 21:11 sshd_config
-rw-r--r-- 1 root wheel 4215 Jun 4 21:02 sshd_config~
不知道我还能在哪里出错 - 你能提出的任何建议都会非常感激!!
编辑:我现在正在<pre>4 22:30:56 MacBook-Pro com.apple.xpc.launchd[1] (com.openssh.sshd.EEE1E6DD-C42C-45AD-9D7E-8D5C85D4E6C8[1032]): Service exited with abnormal code: 255
Jun 4 22:31:03 MacBook-Pro com.apple.xpc.launchd [1](org.openbsd.ssh-agent [1067]):服务退出时代码异常:1 Jun 4 22:31:03 MacBook-Pro com.apple.xpc.launchd [1](org.openbsd.ssh-agent):服务只运行0秒。将重生推出10秒钟。 Jun 4 22:31:13 MacBook-Pro com.apple.xpc.launchd [1](org.openbsd.ssh-agent [1091]):服务退出时代码异常:1 Jun 4 22:31:13 MacBook-Pro com.apple.xpc.launchd [1](org.openbsd.ssh-agent):服务只运行0秒。将重生推出10秒钟。
我的密钥似乎在sshing时工作但挂起在debug1行:接收到SSH2_MSG_SERVICE_ACCEPT
如果在尝试ssh之前取消设置$ SSH_AUTH_SOCK,一切都按预期工作
答案 0 :(得分:0)
应该有一个名为&#34; authorized_keys&#34;的文件。您应该将一个自己的公钥(证书文件)添加(复制粘贴内容)到其中。
答案 1 :(得分:0)
帮助他人:有多个ssh配置文件!我必须经过我的ssh配置一百万次,但我一直在查看错误的文件。我的sshd_config中有错误。因为我正在使用我自己的机器,所以这两个文件都必须正确设置。 (一个用于客户端的文件,一个用于服务器配置的文件 - &gt;至少这是我目前的理解)。 cat /var/log/system.log | grep ssh指出错误发生在另一个文件中。仍然在ssh上挂着我,但至少还有一步:)