2013-03-07 277 views
5

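Client: Mac OS X 10.8, server: Ubuntu 10.04 LTS 64-bit. SSH can't use the IdentityFile setting in ~/.ssh/config

I used 'ssh-keygen -t rsa' to generate the public/private key pair.

First, I typed: ssh -i /Users/phenix/.ssh/poponet_rsa [email protected], and I could log in using the private key 'poponet_rsa'.

Next, I created a config file for the server: /Users/phenix/.ssh/config, with the content: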

Host popo 
    Hostname popo.net 
    User root 
    PreferredAuthentications publickey 
    IdentityFile /Users/phenix/.ssh/poponet_rsa 

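Then I typed ssh [email protected], and the terminal asked me for a password.

Next, I renamed the poponet_rsa file to id_rsa and typed ssh [email protected]. OK, I was logged in.

My question: why can't ssh use the IdentityFile setting in ~/.ssh/config?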

$ ssh -vvv [email protected] 
OpenSSH_5.9p1, OpenSSL 0.9.8r 8 Feb 2011 
debug1: Reading configuration data /Users/phenix/.ssh/config 
debug1: /Users/phenix/.ssh/config line 1: Applying options for popo.net 
debug1: /Users/phenix/.ssh/config line 2: Applying options for popo.net 
debug1: Reading configuration data /etc/ssh_config 
debug1: /etc/ssh_config line 20: Applying options for * 
debug2: ssh_connect: needpriv 0 
debug1: Connecting to popo.net [111.111.111.111] port 22. 
debug1: Connection established. 
debug3: Incorrect RSA1 identifier 
debug3: Could not load "/Users/phenix/.ssh/id_rsa" as a RSA1 public key 
debug1: identity file /Users/phenix/.ssh/id_rsa type -1 
debug1: identity file /Users/phenix/.ssh/id_rsa-cert type -1 
debug1: identity file /Users/phenix/.ssh/id_dsa type -1 
debug1: identity file /Users/phenix/.ssh/id_dsa-cert type -1 
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3p1 Debian-3ubuntu7 
debug1: match: OpenSSH_5.3p1 Debian-3ubuntu7 pat OpenSSH* 
debug1: Enabling compatibility mode for protocol 2.0 
debug1: Local version string SSH-2.0-OpenSSH_5.9 
debug2: fd 3 setting O_NONBLOCK 
debug3: load_hostkeys: loading entries for host "popo.net" from file "/Users/phenix/.ssh/known_hosts" 
debug3: load_hostkeys: found key type RSA in file /Users/phenix/.ssh/known_hosts:1 
debug3: load_hostkeys: loaded 1 keys 
debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],ssh-rsa 
debug1: SSH2_MSG_KEXINIT sent 
debug1: SSH2_MSG_KEXINIT received 
debug2: kex_parse_kexinit: **too much init, i delete them.** 
debug2: mac_setup: found hmac-md5 
debug1: kex: server->client aes128-ctr hmac-md5 none 
debug2: mac_setup: found hmac-md5 
debug1: kex: client->server aes128-ctr hmac-md5 none 
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent 
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP 
debug2: dh_gen_key: priv key bits set: 135/256 
debug2: bits set: 468/1024 
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent 
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY 
debug1: Server host key: RSA xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx 
debug3: load_hostkeys: loading entries for host "popo.net" from file "/Users/phenix/.ssh/known_hosts" 
debug3: load_hostkeys: found key type RSA in file /Users/phenix/.ssh/known_hosts:1 
debug3: load_hostkeys: loaded 1 keys 
debug3: load_hostkeys: loading entries for host "111.111.111.111" from file "/Users/phenix/.ssh/known_hosts" 
debug3: load_hostkeys: found key type RSA in file /Users/phenix/.ssh/known_hosts:1 
debug3: load_hostkeys: loaded 1 keys 
debug1: Host 'popo.net' is known and matches the RSA host key. 
debug1: Found key in /Users/phenix/.ssh/known_hosts:1 
debug2: bits set: 516/1024 
debug1: ssh_rsa_verify: signature correct 
debug2: kex_derive_keys 
debug2: set_newkeys: mode 1 
debug1: SSH2_MSG_NEWKEYS sent 
debug1: expecting SSH2_MSG_NEWKEYS 
debug2: set_newkeys: mode 0 
debug1: SSH2_MSG_NEWKEYS received 
debug1: Roaming not allowed by server 
debug1: SSH2_MSG_SERVICE_REQUEST sent 
debug2: service_accept: ssh-userauth 
debug1: SSH2_MSG_SERVICE_ACCEPT received 
debug2: key: /Users/phenix/.ssh/id_rsa (0x0) 
debug2: key: /Users/phenix/.ssh/id_dsa (0x0) 
debug1: Authentications that can continue: publickey,password 
debug3: start over, passed a different list publickey,password 
debug3: preferred publickey,keyboard-interactive,password 
debug3: authmethod_lookup publickey 
debug3: remaining preferred: keyboard-interactive,password 
debug3: authmethod_is_enabled publickey 
debug1: Next authentication method: publickey 
debug1: Trying private key: /Users/phenix/.ssh/id_rsa 
debug1: key_parse_private_pem: PEM_read_PrivateKey failed 
debug1: read PEM private key done: type <unknown> 
debug2: no passphrase given, try next key 
debug1: Trying private key: /Users/phenix/.ssh/id_dsa 
debug3: no such identity: /Users/phenix/.ssh/id_dsa 
debug2: we did not send a packet, disable method 
debug3: authmethod_lookup password 
debug3: remaining preferred: ,password 
debug3: authmethod_is_enabled password 
debug1: Next authentication method: password 
[email protected]'s password: 

Answers

1

If your ~/.ssh/config is all on one line (as your post suggests), like this:

Host popo Hostname popo.net User root PreferredAuthentications publickey IdentityFile /Users/phenix/.ssh/poponet_rsa 

then it will not work. You need to put each directive on its own line, like this:

Host popo 
Hostname popo.net 
User root 
PreferredAuthentications publickey 
IdentityFile /Users/phenix/.ssh/poponet_rsa 
+0

I tried it, but the terminal asked me for the password again. There is only 'debug2: key: /Users/liyuntian/.ssh/id_rsa (0x0)', no 'poponet_rsa' – zgia 2013-03-08 01:19:07

0

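I don't think this answer is relevant for the author of the question anymore, but Google returns this topic on the first page.

I had a similar problem. The key lines in the log: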

debug3: Incorrect RSA1 identifier 
debug3: Could not load "/Users/phenix/.ssh/id_rsa" as a RSA1 public key 

So ssh doesn't know about your poppet.key. In my case it was a misprinted file name.

I recommend double-checking the key name in ~/.ssh/config.

+0

These "errors" are not actually a problem. RSA1 is rarely used anymore. This message is shown most of the time when a key specified by IdentityFile is loaded. – jeffcook2150 2014-04-21 09:55:16

6

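I found the answer to my problem here: https://superuser.com/a/436015

In short, you need to specify IdentitiesOnly yes in the host or global SSH client configuration; otherwise keys that were not specified may also be tried, including keys in ssh-agent (if it is running).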
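
One way to check what the thread keeps coming back to (which key files the client actually listed and tried), as an added example that is not part of the original posts: this Python sketch reads `ssh -vvv` output and reports the config blocks that were applied and the keys considered. The log lines are a constructed sample in the format quoted in the question; `summarize` and its field names are hypothetical.

```python
import os
import re

# Constructed sample, in the format of the `ssh -vvv` output quoted in the question.
SAMPLE_LOG = """\
debug1: /Users/phenix/.ssh/config line 1: Applying options for popo.net
debug1: /etc/ssh_config line 20: Applying options for *
debug2: key: /Users/phenix/.ssh/id_rsa (0x0)
debug2: key: /Users/phenix/.ssh/id_dsa (0x0)
debug1: Next authentication method: publickey
debug1: Trying private key: /Users/phenix/.ssh/id_rsa
debug1: Trying private key: /Users/phenix/.ssh/id_dsa
debug3: no such identity: /Users/phenix/.ssh/id_dsa
debug1: Next authentication method: password
"""

# Line formats as they appear in that output; other OpenSSH versions may word them differently.
PATTERNS = {
    "applied": re.compile(r"^debug1: (.+) line (\d+): Applying options for (\S+)"),
    "candidate": re.compile(r"^debug2: key: (.+?) \("),
    "attempted": re.compile(r"^debug1: Trying private key: (.+)"),
    "method": re.compile(r"^debug1: Next authentication method: (\S+)"),
}


def summarize(log_text, expected_identity):
    """Hypothetical helper: list applied Host blocks and the keys the client used."""
    found = {name: [] for name in PATTERNS}
    for line in log_text.splitlines():
        line = line.strip()
        for name, pattern in PATTERNS.items():
            match = pattern.match(line)
            if match:
                found[name].append(match.groups() if name == "applied" else match.group(1))
    expected = os.path.expanduser(expected_identity)
    # The configured IdentityFile should be listed as a candidate if its Host block took effect.
    found["expected_is_candidate"] = expected in found["candidate"]
    found["expected_was_attempted"] = expected in found["attempted"]
    # Keys the client considered that were not the configured one.
    found["unexpected"] = [key for key in found["candidate"] if key != expected]
    return found


if __name__ == "__main__":
    report = summarize(SAMPLE_LOG, "/Users/phenix/.ssh/poponet_rsa")
    for field, value in report.items():
        print(f"{field}: {value}")
```

To run it on real output, capture the debug stream with `ssh -vvv popo 2> ssh.log` and pass the file's text in place of `SAMPLE_LOG`.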