저는 Linux 게임을 처음 접했습니다. 원격 호스트에 SSH 연결을 설정하고 원격 호스트에서 로컬 시스템으로 보안 복사(scp)를 시도했습니다. 저는 Oracle VM에서 Linux Ubuntu를 실행하고 있습니다.
ssh -v를 실행할 때:
OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n 7 Dec 2017
debug1: Reading configuration data /home/USER/.ssh/config
debug1: /home/USER/.ssh/config line 1: Applying options for novagpvm01
debug1: Connecting to HOSTNAME [HOSTIP] port 22.
debug1: Connection established.
debug1: identity file /home/USER/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /home/USER/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/USER/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/USER/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/USER/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/USER/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/USER/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/USER/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
debug1: Authenticating to HOSTNAME:22 as 'USER'
debug1: Offering GSSAPI proposal: gss-gex-sha1-toWM8Slw8Ew8Mqkay+al2g==,gss-group1-sha1-
toWM5Slw5Ew8Mqkay+al2g==,gss-group14-sha1-toWM5Slw5Ew8Mqkay+al2g==,gss-gex-sha1-
eipGX3TCiTUrx573bT1o1Q==,gss-group1-sha1-eipGX3TCiQSrx573bT1o1Q==,gss-group14-sha1-
eipGX3TCiTUrx573bT1o1Q==
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: gss-gex-sha1-toWM8Slw8Ew8Mqkay+al2g==
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: [email protected] compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: [email protected] compression: none
debug1: Doing group exchange
debug1: Calling gss_init_sec_context
debug1: Delegating credentials
debug1: Received GSSAPI_COMPLETE
debug1: Calling gss_init_sec_context
debug1: Delegating credentials
debug1: Rekey has happened - updating saved versions
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic
debug1: Next authentication method: gssapi-keyex
debug1: Authentication succeeded (gssapi-keyex).
Authenticated to HOSTNAME ([HOSTIP]:22).
debug1: Local connections to LOCALHOST:5901 forwarded to remote address localhost:5904
debug1: Local forwarding listening on 127.0.0.1 port 5901.
debug1: channel 0: new [port listener]
debug1: Local forwarding listening on ::1 port 5901.
bind: Cannot assign requested address
debug1: channel 1: new [client-session]
debug1: Requesting [email protected]
debug1: Entering interactive session.
debug1: pledge: exec
debug1: Requesting X11 forwarding with authentication spoofing.
debug1: Requesting authentication agent forwarding.
이 시점에서 SSH가 설정됩니다. 내 로컬에서 안전한 복사본을 실행하면 다음과 같은 형식이 됩니다.
scp -r -v USER1@HOSTNAME:FOLDERPATH ~/home/USER/folder
다음 오류가 발생합니다.
debug1: Authentications that can continue: gssapi-keyex,gssapi-with-mic
debug3: start over, passed a different list gssapi-keyex,gssapi-with-mic
debug3: preferred publickey,keyboard-interactive,password
debug1: No more authentication methods to try.
user@domain: Permission denied (gssapi-keyex,gssapi-with-mic).
호스트와 로컬에서 구성 파일을 확인했는데 이전 게시물과 호스트에서 권장한 파일입니다. 내 IP 주소를 사용해 보았지만 연결 시간 초과 오류가 발생했습니다. 다음과 같은 내용을 볼 때 이는 심각한 오류는 아닌 것 같습니다.
debug1: Server host key: ssh-rsa SHA256:xn0AoXgnMHKa8f9z9a9bClSHotypJqbIz8Vrw6MxNTc
debug3: hostkeys_foreach: reading file "/home/user/.ssh/known_hosts"
debug3: record_hostkey: found key type RSA in file /home/user/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from host.com
debug3: hostkeys_foreach: reading file "/home/user/.ssh/known_hosts"
debug3: record_hostkey: found key type RSA in file /home/user/.ssh/known_hosts:2
debug3: load_hostkeys: loaded 1 keys from XXX.XXX.XX.XX
debug1: Host 'host.com' is known and matches the RSA host key.
debug1: Found key in /home/user/.ssh/known_hosts:1
아이디어가 부족하여 도움을 주시면 정말 감사하겠습니다. 감사합니다!
답변1
미안해요. 문제가 있는 곳은 다음과 같습니다.
debug1: Local forwarding listening on ::1 port 5901.
bind: Cannot assign requested address
debug1: channel 1: new [client-session]
ssh 프로세스를 ::1 포트 5901(일반적으로 vnc에 사용됨)에 다시 바인딩하려고 시도하고 있으며 이미 다른 프로세스에서 사용 중인 것 같습니다.
sudo netstat -anp | grep 5901
또는
ss -tunap | grep 5901
프로세스를 식별해야 합니다.
답변2
사용된 기본 키 교환 알고리즘이 호환되지 않습니다. ssh_config에 대한 맨페이지를 확인하면 다음과 같습니다.
$ man ssh_config
그리고 GSSAPIKexAlgorithms를 찾으면 사용할 수 있는 옵션을 찾을 수 있습니다. 이렇게 적용하면 된다
$ scp -o GSSAPIKexAlgorithms=gss-nistp256-sha256- -r -v USER1@HOSTNAME:FOLDERPATH ~/home/USER/folder