当尝试从windows客户端sftp到我的redhat服务器时,我看到以下错误消息:
客户:
C:UsersAdministrator.ssh>sftp -P 7822 -v user@x.x.x.x
.
.
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:FczboY8BDSWtdA87euFDWSDrwBNRMbYzHUR3VmMpbk
C:\Users\Administrator/.ssh/id_rsa
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug1: Trying private key: C:\Users\Administrator/.ssh/id_dsa
debug1: Trying private key: C:\Users\Administrator/.ssh/id_ecdsa
debug1: Trying private key: C:\Users\Administrator/.ssh/id_ed25519
debug1: Trying private key: C:\Users\Administrator/.ssh/id_xmss
debug1: No more authentication methods to try.
user@x.x.x.x Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
服务器:
Aug 4 23:27:09 3oy1jxwr1k81l.xxx.io sshd[16064]: Connection reset by x.x.x.x port 65256 [preauth]
Aug 4 23:27:14 3oy1jxwr1k81l.xxx.io sshd[16117]: Did not receive identification string from x.x.x.x port 12593
Aug 4 23:27:24 3oy1jxwr1k81l.xxx.io sshd[16259]: Did not receive identification string from x.x.x.x port 48329
Aug 4 23:27:34 3oy1jxwr1k81l.xxx.io sshd[16394]: Did not receive identification string from x.x.x.x port 2040
我确信防火墙中的所有端口都打开了,authorized_keys设置正确。所以我停止了sshd服务,并从cmd行运行-ddd希望得到更多的信息。
但是当在调试模式下运行时,连接成功!?!?
/user/sbin/sshd -D -ddd
客户:
C:UsersAdministrator.ssh>sftp -P 7822 user@x.x.x.x
Connected to user@x.x.x.x.
sftp> exit
你知道会发生什么吗?(注意,这是100%可复制的,在sshd正常运行时每次失败,在使用-ddd运行时总是成功)
所以看起来问题是由于服务器上的用户主目录中缺少.bash_profile。
重新添加用户配置文件后,问题似乎解决了。
为什么sshd在调试模式下运行时不关心它的缺失,这似乎是sshd的一个错误。
我也收到了Connection reset by [ip] port x [preauth]的消息。
然而,对我来说,这是客户端的防火墙问题。日志含义IT部门阻断了网络外的SSH协议。更新防火墙后,连接正常。