SSH-从Mac OSX到CentOS服务器的许可拒绝(publicKey)问题
(有关此问题的大多数线程是AWS或GITHUB相关的。我都不是。这是一个简单的Digital Ocean Centos 8服务器。)
我的旧MacBook无需任何问题即可连接到我的SSH服务器:使用
ssh -2 -p 5555 -i /Users/Me/.ssh/id_rsa [email protected]
(端口号和IP更改了隐私,当然。)
我购买了一个新的MacBook Pro,并已经设置了ssh-keygen像往常一样,然后手动将id_rsa.pub手动移动到服务器的.ssh/授权_Keys。在服务器上,我使用nano将其添加到授权密钥文件中,同时登录为root用户。因此,以下是.ssh dir在服务器上以root用户登录时的样子:
990971649 -rw-------. 1 root root 2722 Jul 7 07:52 authorized_keys
990971651 -rw-------. 1 root root 3389 Jan 10 2021 id_rsa
990971652 -rw-------. 1 root root 747 Jan 10 2021 id_rsa.pub
但是,尽管将id_rsa.pub添加到服务器上的授权_keys中,但我会得到此错误:
[email protected]: Permission denied (publickey)
该问题上的大多数线程都通过添加一些参数来“解决”,但是我的ssh_config服务器上的设置似乎还不错...这可以从我的旧MacBook中使用!以下是服务器设置 -
Protocol 2
Port 5555
LoginGraceTime 60
ClientAliveInterval 120
ClientAliveCountMax 3
MaxSessions 6
AllowUsers root
PermitEmptyPasswords no
PasswordAuthentication no
PermitRootLogin yes
X11Forwarding no
MaxAuthTries 6
IgnoreRhosts yes
AllowTcpForwarding no
AllowAgentForwarding no
Compression no
TCPKeepAlive no
UseDNS no
HostbasedAuthentication no
PubkeyAuthentication yes
AuthenticationMethods publickey
还有什么问题?
(Most threads about this issue are either AWS or GitHub related. Mine is neither. It's a simple Digital Ocean CentOS 8 server.)
My old Macbook connects to my SSH server without any issues:, using
ssh -2 -p 5555 -i /Users/Me/.ssh/id_rsa [email protected]
(Port number and IP changed for privacy, of course.)
I bought a new Macbook Pro, and have set up the ssh-keygen stuff as usual, then manually moved the id_rsa.pub to the server's .ssh/authorized_keys. On the server, I did this adding to the authorized keys file using nano while logged in as the root user. So this below is what the .ssh dir looks like on the server, when logged in as the root user:
990971649 -rw-------. 1 root root 2722 Jul 7 07:52 authorized_keys
990971651 -rw-------. 1 root root 3389 Jan 10 2021 id_rsa
990971652 -rw-------. 1 root root 747 Jan 10 2021 id_rsa.pub
But despite adding the id_rsa.pub stuff into the authorized_keys on the server, I get this error:
[email protected]: Permission denied (publickey)
Most threads on this issue have been 'solved' by adding some parameter, but my ssh_config settings on the server seem to be fine...and this works from my old Macbook! Below are the server settings--
Protocol 2
Port 5555
LoginGraceTime 60
ClientAliveInterval 120
ClientAliveCountMax 3
MaxSessions 6
AllowUsers root
PermitEmptyPasswords no
PasswordAuthentication no
PermitRootLogin yes
X11Forwarding no
MaxAuthTries 6
IgnoreRhosts yes
AllowTcpForwarding no
AllowAgentForwarding no
Compression no
TCPKeepAlive no
UseDNS no
HostbasedAuthentication no
PubkeyAuthentication yes
AuthenticationMethods publickey
What else could be going wrong?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
要解决使用SHA-1哈希算法默认情况下的OpenSSH 9.0P1禁用RSA签名的问题,您可以按照以下步骤修改SSH_Config文件:
将以下行添加到SSH_Config的底部:
To address the issue of OpenSSH 9.0p1 disabling RSA signatures using the SHA-1 hash algorithm by default, you can follow these steps to modify the ssh_config file:
Add the following lines to the bottom of ssh_config:
您需要编辑服务器配置文件,而不是客户端配置文件( ssh_config
)您不想使用密钥登录密钥编辑:
但是,如果服务器不在同一位置,则首先尝试使用密钥登录,而不是编辑此键!
并且不要登录作为根安全性!
您可以使用 ssh-copy-id 将密钥复制到服务器
更新:
tosmotity sshd_config中的所有这些行尝试使用允许/现有用户登录,只有使用密码以找出是否还有其他错误:
每次更改SSH服务器文件中的某些内容时,请不要忘记重新启动SSH服务器:
You need to edit the server config file not the client config file (ssh_config)
Add or edit this in your sshd_config
IF you don't wanna login with passwords only keys edit this too:
But first try to login with the key than edit this to no if the server is not on the same location!
And don't login as root security!
You can use ssh-copy-id to copy the key to the server
UPDATE:
Uncomment all this lines in your sshd_config an try to login with a allowed/existing user only with the password to find out if there are other errors:
DON'T FORGET TO RESTART THE SSH SERVER EVERY TIME YOU CHANGE SOMETHING IN THE SSH SERVER FILES: