SSH를 통해 새 사용자에 로그인할 수 없습니다. "서버가 키를 거부했습니다."

등의 비슷한 질문이 많이 있습니다.SSH: "서버가 아무 이유 없이 키를 거부했습니다."

그러나 제안된 검사를 수행했지만 새 사용자가 SSH를 통해 연결하도록 할 수 없는 것 같습니다. 이것이 나의 과정입니다.

useradd username> passwd username잠깐...

700다른 게시물에서 제안한 대로 새 사용자의 홈 디렉토리 권한을 확인했습니다. ( ~/.ssh/그리고 ~/.ssh/authorized_keys각각 700/600)

PuTTY를 사용하여 새 키를 생성하고 공개 키의 한 줄 버전을 복사하여 ~/.ssh/authorized_keys나머지 키 아래에 붙여넣었습니다.

그런 다음 새 사용자 이름과 .ppk 파일을 지정하여 PuTTY(또는 동일한 키를 사용하는 stfp)를 통해 연결을 시도했지만 서버에서 키를 거부했다는 메시지만 들었습니다.

과거에 루트 사용자에 대한 새 키를 성공적으로 추가했습니다., 새 사용자 및 키를 추가하는 데 실패했습니다.

다른 게시물에서 제안한 대로 사용자의 /home/username 디렉토리에 .ssh 폴더와 Authorized_keys 파일을 추가하려고 시도했지만 아무 소용이 없었습니다.

내 sshd_config의 관련 부분은 다음과 같습니다.

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile  ~/.ssh/authorized_keys
PasswordAuthentication no
GSSAPIAuthentication yes
GSSAPICleanupCredentials yes

나는 가지고있다아니요줄의 존재를 허용하거나 거부합니다.

/var/log/secure는 다음 내용을 표시합니다.

7월 14일 11:20:44 www sshd[18632]: xx.xx.xx.xx로부터 연결 끊김 수신: 14: 사용 가능한 지원되는 인증 방법이 없습니다.

7월 14일 11:22:08 www sshd[18629]: 신호 15가 수신되었습니다.

저는 Linux 명령줄을 처음 접했지만 제가 해본 모든 인터넷 검색을 통해 올바른 순서로 수행하고 있는 것처럼 들리므로 무엇을 놓치고 있는지 알 수 없습니다.

편집하다

ssh -vvv user@server생성하다;

OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to www.xxxxxx.com [127.0.0.1] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/identity-cert type -1
debug3: Not a RSA1 key file /root/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug3: Wrote 960 bytes for a total of 981
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellma                 n-group1-sha1
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected]                 om,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,ae                 s256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,ae                 s256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac                 -sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac                 -sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,[email protected],zlib
debug2: kex_parse_kexinit: none,[email protected],zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellma                 n-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,ae                 s256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,ae                 s256-cbc,arcfour,[email protected]
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac                 -sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac                 -sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,[email protected]
debug2: kex_parse_kexinit: none,[email protected]
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug3: Wrote 24 bytes for a total of 1005
debug2: dh_gen_key: priv key bits set: 123/256
debug2: bits set: 498/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: Wrote 144 bytes for a total of 1149
debug3: check_host_in_hostfile: host www.xxxxxx.com filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: host www.xxxxxx.com filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: host www.xxxxxx.com filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: host www.xxxxxx.com filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: host www.xxxxxx.com filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: host www.xxxxxx.com filename /etc/ssh/ssh_known_hosts
debug2: no key of type 0 for host www.xxxxxx.com
debug3: check_host_in_hostfile: host www.xxxxxx.com filename /root/.ssh/known_hosts2
debug3: check_host_in_hostfile: host www.xxxxxx.com filename /etc/ssh/ssh_known_hosts2
debug3: check_host_in_hostfile: host www.xxxxxx.com filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: host www.xxxxxx.com filename /etc/ssh/ssh_known_hosts
debug2: no key of type 2 for host www.xxxxxx.com
debug3: check_host_in_hostfile: host www.xxxxxx.com filename /root/.ssh/known_hosts2
debug3: check_host_in_hostfile: host www.xxxxxx.com filename /etc/ssh/ssh_known_hosts2
debug3: check_host_in_hostfile: host www.xxxxxx.com filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: host www.xxxxxx.com filename /etc/ssh/ssh_known_hosts
debug2: no key of type 3 for host www.xxxxxx.com
The authenticity of host 'www.xxxxxx.com (127.0.0.1)' can't be established.
RSA key fingerprint is 4a:8f:8d:4c:7a:bd:be:63:e7:04:5b:51:ae:34:fb:80.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'www.xxxxxx.com' (RSA) to the list of known hosts.
debug2: bits set: 485/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: Wrote 16 bytes for a total of 1165
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug3: Wrote 48 bytes for a total of 1213
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /root/.ssh/identity ((nil))
debug2: key: /root/.ssh/id_rsa (0x7f68bf9e7f10)
debug2: key: /root/.ssh/id_dsa ((nil))
debug2: key: /root/.ssh/id_ecdsa ((nil))
debug3: Wrote 64 bytes for a total of 1277
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup gssapi-keyex
debug3: remaining preferred: gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi-keyex
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug2: we did not send a packet, disable method
debug3: authmethod_lookup gssapi-with-mic
debug3: remaining preferred: publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi-with-mic
debug1: Next authentication method: gssapi-with-mic
debug3: Trying to reverse map address 127.0.0.1.
debug1: Unspecified GSS failure.  Minor code may provide more information
Credentials cache file '/tmp/krb5cc_0' not found

debug1: Unspecified GSS failure.  Minor code may provide more information
Credentials cache file '/tmp/krb5cc_0' not found

debug1: Unspecified GSS failure.  Minor code may provide more information


debug1: Unspecified GSS failure.  Minor code may provide more information
Credentials cache file '/tmp/krb5cc_0' not found

debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug3: no such identity: /root/.ssh/identity
debug1: Offering public key: /root/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug3: Wrote 368 bytes for a total of 1645
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug1: Trying private key: /root/.ssh/id_dsa
debug3: no such identity: /root/.ssh/id_dsa
debug1: Trying private key: /root/.ssh/id_ecdsa
debug3: no such identity: /root/.ssh/id_ecdsa
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

이것이 대부분 무엇을 의미하는지 잘 모르겠지만 관련이 있는 경우 새 사용자의 SSH 키에 대한 언급은 없습니다...