다음을 사용하여 공개 키 인증을 설정했지만 ssh처음 로그인할 때 여전히 비밀번호를 묻는 메시지가 표시되고 이후의 모든 로그인(첫 번째 로그인을 활성 상태로 유지하는 동안)에서는 비밀번호를 묻지 않습니다. 이 동작을 생성하는 설정이 무엇인지 알지 못합니다. 처음에 비밀번호를 입력하라는 메시지가 표시된 이유를 아는 사람이 있나요?
ssh서버로부터 로그인 메시지를 받고 user@remote비밀번호를 입력하라고 하기 때문에 비밀번호는 당연히 접속키에 대한 비밀번호가 아닙니다 .
편집 : 출력 ssh -vvv user@remote:
처음 로그인:
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /home/[user]/.ssh/config
debug1: /home/[user]/.ssh/config line 34: Applying options for phremote
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Hostname has changed; re-reading configuration
debug1: Reading configuration data /home/[user]/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to [remotehost] [[remotehost]] port [remoteport].
debug1: Connection established.
debug3: Incorrect RSA1 identifier
debug3: Could not load "/home/[user]/.ssh/id_rsa" as a RSA1 public key
debug1: identity file /home/[user]/.ssh/id_rsa type 1
debug1: identity file /home/[user]/.ssh/id_rsa-cert type -1
debug1: identity file /home/[user]/.ssh/id_dsa type -1
debug1: identity file /home/[user]/.ssh/id_dsa-cert type -1
debug1: identity file /home/[user]/.ssh/id_ecdsa type -1
debug1: identity file /home/[user]/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/[user]/.ssh/id_ed25519 type -1
debug1: identity file /home/[user]/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3
debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3 pat OpenSSH_6.6.1* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug3: put_host_port: [[remotehost]]:[remoteport]
debug3: load_hostkeys: loading entries for host "[[remotehost]]:[remoteport]" from file "/home/[user]/.ssh/known_hosts"
debug3: load_hostkeys: found key type ECDSA in file /home/[user]/.ssh/known_hosts:31
debug3: load_hostkeys: loaded 1 keys
debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],[email protected],[email protected],[email protected],ssh-ed25519,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,[email protected],zlib
debug2: kex_parse_kexinit: none,[email protected],zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,[email protected]
debug2: kex_parse_kexinit: none,[email protected]
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: setup [email protected]
debug1: kex: server->client aes128-ctr [email protected] none
debug2: mac_setup: setup [email protected]
debug1: kex: client->server aes128-ctr [email protected] none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA ca:f9:c6:2e:47:dc:02:79:bd:22:db:8d:d0:a3:df:a5
debug3: put_host_port: [[remotehost]]:[remoteport]
debug3: put_host_port: [[remotehost]]:[remoteport]
debug3: load_hostkeys: loading entries for host "[[remotehost]]:[remoteport]" from file "/home/[user]/.ssh/known_hosts"
debug3: load_hostkeys: found key type ECDSA in file /home/[user]/.ssh/known_hosts:31
debug3: load_hostkeys: loaded 1 keys
debug3: load_hostkeys: loading entries for host "[[remotehost]]:[remoteport]" from file "/home/[user]/.ssh/known_hosts"
debug3: load_hostkeys: found key type ECDSA in file /home/[user]/.ssh/known_hosts:31
debug3: load_hostkeys: loaded 1 keys
debug1: Host '[[remotehost]]:[remoteport]' is known and matches the ECDSA host key.
debug1: Found key in /home/[user]/.ssh/known_hosts:31
debug1: ssh_ecdsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/[user]/.ssh/id_rsa (0x7f54f7b2d480),
debug2: key: /home/[user]/.ssh/id_dsa ((nil)),
debug2: key: /home/[user]/.ssh/id_ecdsa ((nil)),
debug2: key: /home/[user]/.ssh/id_ed25519 ((nil)),
debug3: input_userauth_banner
[server ssh logon greeting message]
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/[user]/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/[user]/.ssh/id_dsa
debug3: no such identity: /home/[user]/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /home/fbence/.ssh/id_ecdsa
debug3: no such identity: /home/fbence/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /home/fbence/.ssh/id_ed25519
debug3: no such identity: /home/fbence/.ssh/id_ed25519: No such file or directory
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
[remoteuser]@[remotehost]'s password:
debug3: packet_send2: adding 64 (len 58 padlen 6 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentication succeeded (password).
Authenticated to 81.182.242.26 ([81.182.242.26]:2222).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting [email protected]
debug1: Entering interactive session.
debug2: callback start
debug2: fd 3 setting TCP_NODELAY
debug3: packet_set_tos: set IP_TOS 0x10
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug1: Sending environment.
debug3: Ignored env NVM_RC_VERSION
debug3: Ignored env CAML_LD_LIBRARY_PATH
debug3: Ignored env XDG_VTNR
debug1: Sending env LC_PAPER = hu_HU.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env MANPATH
debug3: Ignored env NVM_IOJS_ORG_VERSION_LISTING
debug1: Sending env LC_ADDRESS = hu_HU.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env XDG_SESSION_ID
debug3: Ignored env XDG_GREETER_DATA_DIR
debug3: Ignored env SELINUX_INIT
debug1: Sending env LC_MONETARY = hu_HU.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env CLUTTER_IM_MODULE
debug3: Ignored env COMP_WORDBREAKS
debug3: Ignored env SESSION
debug3: Ignored env ANDROID_HOME
debug3: Ignored env GPG_AGENT_INFO
debug3: Ignored env TERM
debug3: Ignored env VTE_VERSION
debug3: Ignored env XDG_MENU_PREFIX
debug3: Ignored env SHELL
debug3: Ignored env PERL5LIB
debug3: Ignored env WINDOWID
debug1: Sending env LC_NUMERIC = hu_HU.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env UPSTART_SESSION
debug3: Ignored env GNOME_KEYRING_CONTROL
debug3: Ignored env GTK_MODULES
debug3: Ignored env OCAML_TOPLEVEL_PATH
debug3: Ignored env NVM_DIR
debug3: Ignored env USER
debug3: Ignored env LS_COLORS
debug1: Sending env LC_TELEPHONE = hu_HU.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env XDG_SESSION_PATH
debug3: Ignored env XDG_SEAT_PATH
debug3: Ignored env SSH_AUTH_SOCK
debug3: Ignored env KRDIR
debug3: Ignored env DEFAULTS_PATH
debug3: Ignored env SESSION_MANAGER
debug3: Ignored env XDG_CONFIG_DIRS
debug3: Ignored env DESKTOP_SESSION
debug3: Ignored env PATH
debug3: Ignored env QT_IM_MODULE
debug3: Ignored env QT_QPA_PLATFORMTHEME
debug3: Ignored env NVM_NODEJS_ORG_MIRROR
debug1: Sending env LC_IDENTIFICATION = hu_HU.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env PWD
debug3: Ignored env JOB
debug3: Ignored env XMODIFIERS
debug3: Ignored env GNOME_KEYRING_PID
debug1: Sending env LANG = hu_HU.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env GDM_LANG
debug3: Ignored env MANDATORY_PATH
debug1: Sending env LC_MEASUREMENT = hu_HU.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env COMPIZ_CONFIG_PROFILE
debug3: Ignored env IM_CONFIG_PHASE
debug3: Ignored env PAPERSIZE
debug3: Ignored env GDMSESSION
debug3: Ignored env SESSIONTYPE
debug3: Ignored env SHLVL
debug3: Ignored env HOME
debug3: Ignored env XDG_SEAT
debug3: Ignored env LANGUAGE
debug3: Ignored env GNOME_DESKTOP_SESSION_ID
debug3: Ignored env LOGNAME
debug3: Ignored env COMPIZ_BIN_PATH
debug3: Ignored env DBUS_SESSION_BUS_ADDRESS
debug3: Ignored env XDG_DATA_DIRS
debug3: Ignored env QT4_IM_MODULE
debug3: Ignored env LESSOPEN
debug3: Ignored env NVM_IOJS_ORG_MIRROR
debug3: Ignored env INSTANCE
debug3: Ignored env TEXTDOMAIN
debug3: Ignored env XDG_RUNTIME_DIR
debug3: Ignored env DISPLAY
debug3: Ignored env XDG_CURRENT_DESKTOP
debug3: Ignored env GTK_IM_MODULE
debug3: Ignored env LESSCLOSE
debug1: Sending env LC_TIME = hu_HU.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env TEXTDOMAINDIR
debug1: Sending env LC_NAME = hu_HU.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env XAUTHORITY
debug3: Ignored env COLORTERM
debug3: Ignored env _
debug2: channel 0: request shell confirm 1
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel_input_status_confirm: type 99 id 0
debug2: PTY allocation request accepted on channel 0
debug2: channel 0: rcvd adjust 2097152
debug2: channel_input_status_confirm: type 99 id 0
debug2: shell request accepted on channel 0
두 번째(또는 후속 로그인):
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /home/[user]/.ssh/config
debug1: /home/[user]/.ssh/config line 34: Applying options for phremote
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Hostname has changed; re-reading configuration
debug1: Reading configuration data /home/[user]/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to [remoteip] [[remoteip]] port [remoteport.
debug1: Connection established.
debug3: Incorrect RSA1 identifier
debug3: Could not load "/home/[user]/.ssh/id_rsa" as a RSA1 public key
debug1: identity file /home/[user]/.ssh/id_rsa type 1
debug1: identity file /home/[user]/.ssh/id_rsa-cert type -1
debug1: identity file /home/[user]/.ssh/id_dsa type -1
debug1: identity file /home/[user]/.ssh/id_dsa-cert type -1
debug1: identity file /home/[user]/.ssh/id_ecdsa type -1
debug1: identity file /home/[user]/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/[user]/.ssh/id_ed25519 type -1
debug1: identity file /home/[user]/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3
debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3 pat OpenSSH_6.6.1* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug3: put_host_port: [[remoteip]]:[remoteport
debug3: load_hostkeys: loading entries for host "[[remoteip]]:[remoteport" from file "/home/[user]/.ssh/known_hosts"
debug3: load_hostkeys: found key type ECDSA in file /home/[user]/.ssh/known_hosts:31
debug3: load_hostkeys: loaded 1 keys
debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],[email protected],[email protected],[email protected],ssh-ed25519,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,[email protected],zlib
debug2: kex_parse_kexinit: none,[email protected],zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,[email protected]
debug2: kex_parse_kexinit: none,[email protected]
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: setup [email protected]
debug1: kex: server->client aes128-ctr [email protected] none
debug2: mac_setup: setup [email protected]
debug1: kex: client->server aes128-ctr [email protected] none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA ca:f9:c6:2e:47:dc:02:79:bd:22:db:8d:d0:a3:df:a5
debug3: put_host_port: [[remoteip]]:[remoteport
debug3: put_host_port: [[remoteip]]:[remoteport
debug3: load_hostkeys: loading entries for host "[[remoteip]]:[remoteport" from file "/home/[user]/.ssh/known_hosts"
debug3: load_hostkeys: found key type ECDSA in file /home/[user]/.ssh/known_hosts:31
debug3: load_hostkeys: loaded 1 keys
debug3: load_hostkeys: loading entries for host "[[remoteip]]:[remoteport" from file "/home/[user]/.ssh/known_hosts"
debug3: load_hostkeys: found key type ECDSA in file /home/[user]/.ssh/known_hosts:31
debug3: load_hostkeys: loaded 1 keys
debug1: Host '[[remoteip]]:[remoteport' is known and matches the ECDSA host key.
debug1: Found key in /home/[user]/.ssh/known_hosts:31
debug1: ssh_ecdsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/[user]/.ssh/id_rsa (0x7fc9d08bf480),
debug2: key: /home/[user]/.ssh/id_dsa ((nil)),
debug2: key: /home/[user]/.ssh/id_ecdsa ((nil)),
debug2: key: /home/[user]/.ssh/id_ed25519 ((nil)),
debug3: input_userauth_banner
[server ssh logon message]
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/[user]/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug2: input_userauth_pk_ok: fp a6:51:bb:ea:bc:4d:32:94:29:6e:d0:d4:f3:45:5b:a6
debug3: sign_and_send_pubkey: RSA a6:51:bb:ea:bc:4d:32:94:29:6e:d0:d4:f3:45:5b:a6
debug1: Authentication succeeded (publickey).
Authenticated to [remoteip] ([[remoteip]]:[remoteport).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting [email protected]
debug1: Entering interactive session.
debug2: callback start
debug2: fd 3 setting TCP_NODELAY
debug3: packet_set_tos: set IP_TOS 0x10
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug1: Sending environment.
debug3: Ignored env NVM_RC_VERSION
debug3: Ignored env CAML_LD_LIBRARY_PATH
debug3: Ignored env XDG_VTNR
debug1: Sending env LC_PAPER = hu_HU.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env MANPATH
debug3: Ignored env NVM_IOJS_ORG_VERSION_LISTING
debug1: Sending env LC_ADDRESS = hu_HU.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env XDG_SESSION_ID
debug3: Ignored env XDG_GREETER_DATA_DIR
debug3: Ignored env SELINUX_INIT
debug1: Sending env LC_MONETARY = hu_HU.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env CLUTTER_IM_MODULE
debug3: Ignored env COMP_WORDBREAKS
debug3: Ignored env SESSION
debug3: Ignored env ANDROID_HOME
debug3: Ignored env GPG_AGENT_INFO
debug3: Ignored env TERM
debug3: Ignored env VTE_VERSION
debug3: Ignored env XDG_MENU_PREFIX
debug3: Ignored env SHELL
debug3: Ignored env PERL5LIB
debug3: Ignored env WINDOWID
debug1: Sending env LC_NUMERIC = hu_HU.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env UPSTART_SESSION
debug3: Ignored env GNOME_KEYRING_CONTROL
debug3: Ignored env GTK_MODULES
debug3: Ignored env OCAML_TOPLEVEL_PATH
debug3: Ignored env NVM_DIR
debug3: Ignored env USER
debug3: Ignored env LS_COLORS
debug1: Sending env LC_TELEPHONE = hu_HU.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env XDG_SESSION_PATH
debug3: Ignored env XDG_SEAT_PATH
debug3: Ignored env SSH_AUTH_SOCK
debug3: Ignored env KRDIR
debug3: Ignored env DEFAULTS_PATH
debug3: Ignored env SESSION_MANAGER
debug3: Ignored env XDG_CONFIG_DIRS
debug3: Ignored env DESKTOP_SESSION
debug3: Ignored env PATH
debug3: Ignored env QT_IM_MODULE
debug3: Ignored env QT_QPA_PLATFORMTHEME
debug3: Ignored env NVM_NODEJS_ORG_MIRROR
debug1: Sending env LC_IDENTIFICATION = hu_HU.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env PWD
debug3: Ignored env JOB
debug3: Ignored env XMODIFIERS
debug3: Ignored env GNOME_KEYRING_PID
debug1: Sending env LANG = hu_HU.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env GDM_LANG
debug3: Ignored env MANDATORY_PATH
debug1: Sending env LC_MEASUREMENT = hu_HU.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env COMPIZ_CONFIG_PROFILE
debug3: Ignored env IM_CONFIG_PHASE
debug3: Ignored env PAPERSIZE
debug3: Ignored env GDMSESSION
debug3: Ignored env SESSIONTYPE
debug3: Ignored env SHLVL
debug3: Ignored env HOME
debug3: Ignored env XDG_SEAT
debug3: Ignored env LANGUAGE
debug3: Ignored env GNOME_DESKTOP_SESSION_ID
debug3: Ignored env LOGNAME
debug3: Ignored env COMPIZ_BIN_PATH
debug3: Ignored env DBUS_SESSION_BUS_ADDRESS
debug3: Ignored env XDG_DATA_DIRS
debug3: Ignored env QT4_IM_MODULE
debug3: Ignored env LESSOPEN
debug3: Ignored env NVM_IOJS_ORG_MIRROR
debug3: Ignored env INSTANCE
debug3: Ignored env TEXTDOMAIN
debug3: Ignored env XDG_RUNTIME_DIR
debug3: Ignored env DISPLAY
debug3: Ignored env XDG_CURRENT_DESKTOP
debug3: Ignored env GTK_IM_MODULE
debug3: Ignored env LESSCLOSE
debug1: Sending env LC_TIME = hu_HU.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env TEXTDOMAINDIR
debug1: Sending env LC_NAME = hu_HU.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env XAUTHORITY
debug3: Ignored env COLORTERM
debug3: Ignored env _
debug2: channel 0: request shell confirm 1
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel_input_status_confirm: type 99 id 0
debug2: PTY allocation request accepted on channel 0
debug2: channel 0: rcvd adjust 2097152
debug2: channel_input_status_confirm: type 99 id 0
debug2: shell request accepted on channel 0
답변1
이는 로그인 중에 홈 디렉토리(및 키)에 액세스할 수 없기 때문일 수 있습니다. 이는 로그인 후 네트워크 드라이브(공유 시스템)에서 홈 디렉토리가 마운트되거나 홈 디렉토리가 암호화(일반적으로 워크스테이션 마운트)되어 발생할 수 있습니다.
이 문제를 해결하는 것은 복잡하지만 몇 가지 토론을 살펴보겠습니다. 해결책은 AuthorizedKeysFile키를 액세스 가능한 다른 위치나 키 글로벌 저장소( /etc/security/authorized_keys)로 이동하거나 디렉터리 서버(예, 로컬일 수 있음)에서 키를 가져오는 일종의 SSO 관리 시스템(IPA, LDAP)으로 이동하는 것입니다. 대상 시스템에 대해 얼마나 많은 제어권을 갖고 있는지에 따라 다릅니다.
아마도 가장 좋은 해결책은 키를 다른 곳에 저장하고 다음 값을 변경하는 것입니다 sshd_config.
AuthorizedKeysFile /etc/ssh/%u/authorized_keys