1. Accueil
  2. Question et réponse
  3. Échec de l'authentification du serveur via la clé SSH

Échec de l'authentification du serveur via la clé SSH

2017-08-30 1 views
-2

J'ai essayé de configurer l'authentification par clé privée/publique sur mon serveur (CentOS). Voici les étapes que j'ai fait:Échec de l'authentification du serveur via la clé SSH

  1. Generated une paire de clés public/privé avec puttygen
  2. Copié la clé publique au serveur et ajouté avec la commande cat pour le fichier /root/.ssh/authorized_keys
  3. propriété de fichier suggéré vérifié et les autorisations pour .ssh (700) et .ssh/authorized_keys (600)
  4. REStarted le service sshd
  5. Dans la configuration Putty sous Connexion> SSH> Auth, sélectionné la clé privat

Mais quand j'essaie de me connecter avec Putty, j'obtiens le message "Serveur refusé notre clé". Je suis invité pour le mot de passe alors, et cela fonctionne.

J'ai aussi relevé le niveau du journal d'authentification, voici la sortie pour une tentative avortée:

Aug 30 12:55:01 localhost sshd[44558]: debug3: fd 5 is not O_NONBLOCK 
Aug 30 12:55:01 localhost sshd[44558]: debug1: Forked child 44752. 
Aug 30 12:55:01 localhost sshd[44558]: debug3: send_rexec_state: entering fd = 8 config len 803 
Aug 30 12:55:01 localhost sshd[44558]: debug3: ssh_msg_send: type 0 
Aug 30 12:55:01 localhost sshd[44558]: debug3: send_rexec_state: done 
Aug 30 12:55:01 localhost sshd[44752]: debug3: oom_adjust_restore 
Aug 30 12:55:01 localhost sshd[44752]: Set /proc/self/oom_score_adj to 0 
Aug 30 12:55:01 localhost sshd[44752]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8 
Aug 30 12:55:01 localhost sshd[44752]: debug1: inetd sockets after dupping: 3, 3 
Aug 30 12:55:01 localhost sshd[44752]: Connection from 91.15.164.238 port 58557 on 82.165.78.188 port 22 
Aug 30 12:55:01 localhost sshd[44752]: debug1: Client protocol version 2.0; client software version PuTTY_Release_0.70 
Aug 30 12:55:01 localhost sshd[44752]: debug1: no match: PuTTY_Release_0.70 
Aug 30 12:55:01 localhost sshd[44752]: debug1: Enabling compatibility mode for protocol 2.0 
Aug 30 12:55:01 localhost sshd[44752]: debug1: Local version string SSH-2.0-OpenSSH_6.6.1 
Aug 30 12:55:01 localhost sshd[44752]: debug2: fd 3 setting O_NONBLOCK 
Aug 30 12:55:01 localhost sshd[44752]: debug3: ssh_sandbox_init: preparing rlimit sandbox 
Aug 30 12:55:01 localhost sshd[44752]: debug2: Network child is on pid 44753 
Aug 30 12:55:01 localhost sshd[44752]: debug3: preauth child monitor started 
Aug 30 12:55:01 localhost sshd[44752]: debug1: SELinux support disabled [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: privsep user:group 74:74 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug1: permanently_set_uid: 74/74 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug1: list_hostkey_types: ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug1: SSH2_MSG_KEXINIT sent [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug1: SSH2_MSG_KEXINIT received [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: none,[email protected] [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: none,[email protected] [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: first_kex_follows 0 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: reserved 0 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,rsa2048-sha256,rsa1024-sha1,diffie-hellman-group1-sha1 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: ssh-rsa,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-dss [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: aes256-ctr,aes256-cbc,[email protected],aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,[email protected],blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: aes256-ctr,aes256-cbc,[email protected],aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,[email protected],blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,[email protected],[email protected],[email protected],[email protected] [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,[email protected],[email protected],[email protected],[email protected] [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: none,zlib [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: none,zlib [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: first_kex_follows 0 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_parse_kexinit: reserved 0 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: mac_setup: setup hmac-sha2-256 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug1: kex: client->server aes256-ctr hmac-sha2-256 none [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: mac_setup: setup hmac-sha2-256 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug1: kex: server->client aes256-ctr hmac-sha2-256 none [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug1: kex: [email protected] need=32 dh_need=32 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_send entering: type 120 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_receive_expect entering: type 121 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_receive entering [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_receive entering 
Aug 30 12:55:01 localhost sshd[44752]: debug3: monitor_read: checking request 120 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_send entering: type 121 
Aug 30 12:55:01 localhost sshd[44752]: debug1: kex: [email protected] need=32 dh_need=32 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_send entering: type 120 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_receive_expect entering: type 121 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_receive entering [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_receive entering 
Aug 30 12:55:01 localhost sshd[44752]: debug3: monitor_read: checking request 120 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_send entering: type 121 
Aug 30 12:55:01 localhost sshd[44752]: debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_key_sign entering [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_send entering: type 6 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_key_sign: waiting for MONITOR_ANS_SIGN [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_receive_expect entering: type 7 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_receive entering [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_receive entering 
Aug 30 12:55:01 localhost sshd[44752]: debug3: monitor_read: checking request 6 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_answer_sign 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_answer_sign: signature 0x7f0b70e15390(271) 
Aug 30 12:55:01 localhost sshd[44752]: debug3: mm_request_send entering: type 7 
Aug 30 12:55:01 localhost sshd[44752]: debug2: monitor_read: 6 used once, disabling now 
Aug 30 12:55:01 localhost sshd[44752]: debug2: kex_derive_keys [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: set_newkeys: mode 1 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug1: SSH2_MSG_NEWKEYS sent [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug1: expecting SSH2_MSG_NEWKEYS [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug2: set_newkeys: mode 0 [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug1: SSH2_MSG_NEWKEYS received [preauth] 
Aug 30 12:55:01 localhost sshd[44752]: debug1: KEX done [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug1: userauth-request for user root service ssh-connection method none [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug1: attempt 0 failures 0 [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_getpwnamallow entering [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_send entering: type 8 [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_receive_expect entering: type 9 [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_receive entering [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_receive entering 
Aug 30 12:55:04 localhost sshd[44752]: debug3: monitor_read: checking request 8 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_answer_pwnamallow 
Aug 30 12:55:04 localhost sshd[44752]: debug3: Trying to reverse map address 91.15.164.238. 
Aug 30 12:55:04 localhost sshd[44752]: debug2: parse_server_config: config reprocess config len 803 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_send entering: type 9 
Aug 30 12:55:04 localhost sshd[44752]: debug2: monitor_read: 8 used once, disabling now 
Aug 30 12:55:04 localhost sshd[44752]: debug2: input_userauth_request: setting up authctxt for root [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_start_pam entering [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_send entering: type 100 [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_inform_authserv entering [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_send entering: type 4 [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_inform_authrole entering [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_send entering: type 80 [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug2: input_userauth_request: try method none [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: userauth_finish: failure partial=0 next methods="publickey,gssapi-keyex,gssapi-with-mic,password" [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_receive entering 
Aug 30 12:55:04 localhost sshd[44752]: debug3: monitor_read: checking request 100 
Aug 30 12:55:04 localhost sshd[44752]: debug1: PAM: initializing for "root" 
Aug 30 12:55:04 localhost sshd[44752]: debug1: PAM: setting PAM_RHOST to "p5b0fa4ee.dip0.t-ipconnect.de" 
Aug 30 12:55:04 localhost sshd[44752]: debug1: PAM: setting PAM_TTY to "ssh" 
Aug 30 12:55:04 localhost sshd[44752]: debug2: monitor_read: 100 used once, disabling now 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_receive entering 
Aug 30 12:55:04 localhost sshd[44752]: debug3: monitor_read: checking request 4 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_answer_authserv: service=ssh-connection, style= 
Aug 30 12:55:04 localhost sshd[44752]: debug2: monitor_read: 4 used once, disabling now 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_receive entering 
Aug 30 12:55:04 localhost sshd[44752]: debug3: monitor_read: checking request 80 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_answer_authrole: role= 
Aug 30 12:55:04 localhost sshd[44752]: debug2: monitor_read: 80 used once, disabling now 
Aug 30 12:55:04 localhost sshd[44752]: debug1: userauth-request for user root service ssh-connection method publickey [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug1: attempt 1 failures 0 [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug2: input_userauth_request: try method publickey [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug1: test whether pkalg/pkblob are acceptable [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_key_allowed entering [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_send entering: type 22 [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_receive_expect entering: type 23 [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_receive entering [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_receive entering 
Aug 30 12:55:04 localhost sshd[44752]: debug3: monitor_read: checking request 22 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_answer_keyallowed entering 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_answer_keyallowed: key_from_blob: 0x7f0b70e1ca10 
Aug 30 12:55:04 localhost sshd[44752]: debug1: temporarily_use_uid: 0/0 (e=0/0) 
Aug 30 12:55:04 localhost sshd[44752]: debug1: trying public key file /root/.ssh/authorized_keys 
Aug 30 12:55:04 localhost sshd[44752]: debug1: fd 4 clearing O_NONBLOCK 
Aug 30 12:55:04 localhost sshd[44752]: debug2: key_type_from_name: unknown key type '----' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing keytype 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: check options: '---- BEGIN SSH2 PUBLIC KEY ----\r\n' 
Aug 30 12:55:04 localhost sshd[44752]: debug2: key_type_from_name: unknown key type 'BEGIN' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing keytype 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: advance: 'BEGIN SSH2 PUBLIC KEY ----\r\n' 
Aug 30 12:55:04 localhost sshd[44752]: debug2: key_type_from_name: unknown key type 'Comment:' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing keytype 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: check options: 'Comment: "rsa-key-20170830"\r\n' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing whitespace 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: advance: '"rsa-key-20170830"\r\n' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing whitespace 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: check options: 'AAAAB3NzaC1yc2EAAAABJQAAAQEAkO9lXNIVuohGAOsCQy+NDIJv7a+a6z6ekmSp\r\n' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing whitespace 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: advance: '' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing whitespace 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: check options: 'HfFduHAvOadeX/HDidL1696CVOHjX8fJ7ITTCaFl2ljI06lobZ2baDAsezpMhut9\r\n' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing whitespace 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: advance: '' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing whitespace 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: check options: 'xmovTOmTJK3pOAI9E1S3Hmhum0QViFsE5oCiMHwZixLmWoeZt09ZwSZyQZAvtHTU\r\n' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing whitespace 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: advance: '' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing whitespace 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: check options: '73bviqiky/j2xYpG+5QKyViyCEAa6KbJKnGpLw8UTf0rEBhUES9wLBt4vU3AZuQd\r\n' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing whitespace 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: advance: '' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing whitespace 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: check options: 'evfZSr3lDBlCCdX3vyJJP8m4x3+8YMSvJSfKa9MErWpxjNE+4GMhyexNILSP+lgy\r\n' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing whitespace 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: advance: '' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing whitespace 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: check options: '5tqWIehpSekThkJLpi0KPvGiK/bm7oXMVNLN0KdLAf/MKUzB9w==\r\n' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing whitespace 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: advance: '' 
Aug 30 12:55:04 localhost sshd[44752]: debug2: key_type_from_name: unknown key type '----' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing keytype 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: check options: '---- END SSH2 PUBLIC KEY ----\r\n' 
Aug 30 12:55:04 localhost sshd[44752]: debug2: key_type_from_name: unknown key type 'END' 
Aug 30 12:55:04 localhost sshd[44752]: debug3: key_read: missing keytype 
Aug 30 12:55:04 localhost sshd[44752]: debug2: user_key_allowed: advance: 'END SSH2 PUBLIC KEY ----\r\n' 
Aug 30 12:55:04 localhost sshd[44752]: debug2: key not found 
Aug 30 12:55:04 localhost sshd[44752]: debug1: restore_uid: 0/0 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_answer_keyallowed: key 0x7f0b70e1ca10 is not allowed 
Aug 30 12:55:04 localhost sshd[44752]: Failed publickey for root from 91.15.164.238 port 58557 ssh2: RSA 4c:13:08:b4:06:eb:ea:98:54:69:50:3e:cf:22:9e:da 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_send entering: type 23 
Aug 30 12:55:04 localhost sshd[44752]: debug2: userauth_pubkey: authenticated 0 pkalg ssh-rsa [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: userauth_finish: failure partial=0 next methods="publickey,gssapi-keyex,gssapi-with-mic,password" [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug1: userauth-request for user root service ssh-connection method gssapi-with-mic [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug1: attempt 2 failures 1 [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug2: input_userauth_request: try method gssapi-with-mic [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_send entering: type 42 [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_receive_expect entering: type 43 [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_receive entering [preauth] 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_receive entering 
Aug 30 12:55:04 localhost sshd[44752]: debug3: monitor_read: checking request 42 
Aug 30 12:55:04 localhost sshd[44752]: debug1: Unspecified GSS failure. Minor code may provide more information\nKey table file '/etc/krb5.keytab' not found\n 
Aug 30 12:55:04 localhost sshd[44752]: debug3: mm_request_send entering: type 43 
Aug 30 12:55:04 localhost sshd[44752]: debug3: userauth_finish: failure partial=0 next methods="publickey,gssapi-keyex,gssapi-with-mic,password" [preauth]

Source

2017-08-30 Benni

+0

Il serait par nature si le downvoters peut me donner un indice pourquoi ils downvote cette question, merci! – Benni

+0

Je n'ai pas downvote .. mais ... https://stackoverflow.com/questions/2224066/how-to-convert-ssh-keypairs-generated-using-puttygenwindows-into-key-pairs-use – ilansch

+0

@ilansch OK , c'est une réponse meilleure et plus complète, mais la question était différente. – Benni

Répondre

0

Voici la raison pour laquelle il ne fonctionne pas. Comme de nombreux tutoriels étape par étape suggèrent, on devrait générer le fichier de clé publique, le copier sur le serveur, puis ajoutez la clé publique au authorized_keys fichier avec la commande cat comme ceci:

cat id_rsa.mypublickey.pub >> ~/.ssh/authorized_keys

Im Dans mon cas, j'ai utilisé PuTTYgen pour générer les clés. Mais le fichier de clé publique résultant (celui qui est enregistré lorsque vous utilisez le bouton de sauvegarde) n'était pas applicable syntaxiquement pour l'ajout à authorized_keys.

Pour obtenir une bonne chaîne formatée clé publique, copier & coller l'extrait généré à partir de la fenêtre PuTTYgen à une nouvelle ligne dans le répertoire ~/.ssh/authorized_keys. Une bonne ligne au format ressemble à ceci, cependant, la syntaxe permet des commentaires et plus, aussi:

ssh-rsa AAAAB3NzaEAAAAB/*...more letters...*/cPogeHB2XQBQ== rsa-key-20170831

Pour obtenir le dans un format clé privée que vous pouvez utiliser avec d'autres agents ssh que Putty, vous pouvez utilisez l'option Conversion de PuTTYgen et enregistrez la clé au format OpenSSH.

En tant qu'utilisateur ilansch suggéré, des informations plus complètes se trouve ici: How to convert SSH keypairs generated using PuttyGen(Windows) into key-pairs used by ssh-agent and KeyChain(Linux)

Source

2017-08-31 06:13:54 Benni

 Questions connexes

  • Aucun problème connexe^_^