ssh-copy-id를 사용하여 SSH 공개 키를 서버에 복사했지만 서버에서 여전히 비밀번호를 요구합니다. ssh 폴더에 있는 파일의 권한을 확인했는데 해당 파일은 사용자만 읽을 수 있습니다. 또한 sshd_config 파일을 확인했는데 PasswordAuthentication 줄이 yes로 끝납니다. 서버에서 Authorized_keys 파일을 확인했는데 키가 id_rsa.pub에 있는 내 키와 일치합니다.
난 달린다
ssh -i <path_to_key> <myusername@host> -vvv
이것은 내가 겪고 있는 오류의 일부입니다(StackExchange에서는 모든 오류를 추가할 수 없습니다).
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
.....
debug1: Connecting to <host> port 22.
debug1: Connection established.
debug1: identity file id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
debug1: match: OpenSSH_7.4 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to <host>:22 as <myusername>
debug3: hostkeys_foreach: reading file "/users/studs/bsc/2016/orelhaz/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /users/studs/bsc/2016/orelhaz/.ssh/known_hosts:119
debug3: load_hostkeys: loaded 1 keys from <host>
debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
.......
debug3: hostkeys_foreach: reading file "/users/studs/bsc/2016/orelhaz/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /users/studs/bsc/2016/orelhaz/.ssh/known_hosts:119
debug3: load_hostkeys: loaded 1 keys from <host>
debug3: hostkeys_foreach: reading file "/users/studs/bsc/2016/orelhaz/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /users/studs/bsc/2016/orelhaz/.ssh/known_hosts:119
debug3: load_hostkeys: loaded 1 keys from 132.72.44.112
debug1: Host <host> is known and matches the ECDSA host key.
debug1: Found key in /users/studs/bsc/2016/orelhaz/.ssh/known_hosts:119
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
......
debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup gssapi-keyex
debug3: remaining preferred: gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi-keyex
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug2: we did not send a packet, disable method
...........
No Kerberos credentials available (default cache: KEYRING:persistent:8108)
debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available (default cache: KEYRING:persistent:8108)
debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: id_rsa
debug3: send_pubkey_test
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
감사해요.
답변1
올바른 키 파일 사양을 사용하고 있습니까? 위의 디버그 로그를 내 것과 비교해 보세요.
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/user/.ssh/id_rsa RSA SHA256:6wZNjCyUdVXcrf05PJaayPZ0iB/0052zDvA+luvO0JM
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 60
debug1: Server accepts key: /home/user/.ssh/id_rsa RSA SHA256:6wZNjCyUdVXcrf05PJaayPZ0iB/0052zDvA+luvO0JM
debug3: sign_and_send_pubkey: RSA SHA256:6wZNjCyUdVXcrf05PJaayPZ0iB/0052zDvA+luvO0JM
debug3: sign_and_send_pubkey: signing using ssh-rsa SHA256:6wZNjCyUdVXcrf05PJaayPZ0iB/0052zDvA+luvO0JM
debug3: send packet: type 50
debug3: receive packet: type 52
debug1: Authentication succeeded (publickey).
제공된 공개 키가 단순한 파일 이름이 아닌 전체 경로(생성되고 실제로 상주하는 위치)를 지정하는 것을 볼 수 있습니다. 로컬 구성(키워드 IdentityFile
: )을 확인해 보세요.