Unable to ssh using Git bash on Windows - Permission denied (publickey)



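I am unable to ssh to my server on DigitalOcean. I have already added the public key on the server I want to access. I am using Git for Windows, on Windows 7. I have disabled strict host key checking in the ssh_config file in Git. The ssh agent is running. I also added the key to the agent using the ssh-add command, and it correctly shows my private key. My private key is named ct_devops rather than id_rsa; is that the problem? Please find below the output of the ssh -vT "hostname" command: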

OpenSSH_7.7p1, OpenSSL 1.0.2p  14 Aug 2018
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to qa-baseversion.cxmweb.com [178.128.78.198] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/justinxa/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/justinxa/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/justinxa/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/justinxa/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/justinxa/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/justinxa/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/justinxa/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/justinxa/.ssh/id_ed25519-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/justinxa/.ssh/id_xmss type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/justinxa/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.7
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7p1 Debian-5+deb8u4
debug1: match: OpenSSH_6.7p1 Debian-5+deb8u4 pat OpenSSH* compat 0x04000000
debug1: Authenticating to qa-baseversion.cxmweb.com:22 as 'JustinXa'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:OZBnpQ0IJBFGJH0tqPuNb9GnkjDPEZ1O2lvMs07imMo
debug1: Host 'qa-baseversion.cxmweb.com' is known and matches the ECDSA host key.
debug1: Found key in /c/Users/justinxa/.ssh/known_hosts:6
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:pVj+83I7wVJ7LF2mB5IVNDXbfXdyGYh7Cvh/9HRePGY JustinXa@CSSLLAPTOP-148
debug1: Authentications that can continue: publickey
debug1: Trying private key: /c/Users/justinxa/.ssh/id_rsa
debug1: Trying private key: /c/Users/justinxa/.ssh/id_dsa
debug1: Trying private key: /c/Users/justinxa/.ssh/id_ecdsa
debug1: Trying private key: /c/Users/justinxa/.ssh/id_ed25519
debug1: Trying private key: /c/Users/justinxa/.ssh/id_xmss
debug1: No more authentication methods to try.
JustinXa@qa-baseversion.cxmweb.com Permission denied (publickey).

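Can someone help identify what needs to be done or what I am doing wrong? I checked the other answers and tried all the possibilities, but it still does not work.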

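I've only tested this on Linux and OS X, but the counterintuitive answer is this (I will explain the solution first, then why it works):

  1. Use -i. I don't know the exact syntax differences for Windows, but on *nix systems I would do it like this:

    ssh -i /path/to/publickey root@dropletip

  2. Copy the root ssh keys to the user you want to log in as:

    cp -r ~/.ssh/. /home/myuser/.ssh/

  3. Restart the ssh daemon (this depends on the Linux distribution on the remote server).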

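In theory, this works because the root account already has the correct ssh key credentials set up (assuming you set them up correctly when creating the droplet). Your new user account does not yet.

Now, it isn't entirely clear from your question which user you are trying to ssh in as. There must be one, and you first need to do some things as root rather than just as a non-root user. There are some other potential issues:

  1. You may have overly open permissions on your local key. Some ideas for fixing this on Windows are on this StackOverflow page, although I personally have not tried SSH-ing into a droplet from Windows with ssh key authentication.
  2. It depends, but I have noticed that ssh-keygen's "comment field" tends to fill the end of the public key with your username and local hostname. I have sometimes noticed that things may go more smoothly if you create one public key and make sure the comment is set to root@yourDroplet, and another set to yourNewUser@yourDroplet; the official documentation says the comment field is ignored.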
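The debug output in the question shows one key being offered and then rejected, so a useful check is whether that key's fingerprint appears in the `authorized_keys` file of the account being logged in to. The following is an added example, not code from the original posts; the function names and the sample `authorized_keys` entry are constructed for illustration.

```python
import base64
import hashlib
import re

# Constructed sample in the format of the question's `ssh -vT` output.
SAMPLE_LOG = """\
debug1: identity file /c/Users/justinxa/.ssh/id_rsa type -1
debug1: Offering public key: RSA SHA256:pVj+83I7wVJ7LF2mB5IVNDXbfXdyGYh7Cvh/9HRePGY JustinXa@CSSLLAPTOP-148
debug1: No more authentication methods to try.
"""
# Constructed authorized_keys entry: wire-format type header plus placeholder bytes, not a real key.
SAMPLE_BLOB = base64.b64encode(b"\x00\x00\x00\x07ssh-rsa" + b"constructed-placeholder").decode()
SAMPLE_AUTHORIZED_KEYS = "# constructed\nssh-rsa " + SAMPLE_BLOB + " root@yourDroplet\n"

def fingerprint(blob_b64):
    """OpenSSH-style fingerprint: unpadded base64 of SHA-256 over the raw key blob."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def offered_fingerprints(log_text):
    """Fingerprints the client actually sent (agent keys or key files that loaded)."""
    return re.findall(r"^debug1: Offering public key: .*?(SHA256:\S+)", log_text, re.M)

def unloaded_identity_files(log_text):
    """Default identity paths ssh reported as 'type -1' (no public key loaded from them)."""
    return re.findall(r"^debug1: identity file (\S+) type -1$", log_text, re.M)

def authorized_fingerprints(authorized_keys_text):
    """Map fingerprint -> comment for each key line, skipping blanks and comments."""
    result = {}
    for line in authorized_keys_text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        # Leading options (e.g. no-pty) shift the key type field, so search for it.
        # Every key blob begins with a 4-byte length, which encodes as "AAAA".
        for i, field in enumerate(fields[:-1]):
            if field.startswith(("ssh-", "ecdsa-", "sk-")) and fields[i + 1].startswith("AAAA"):
                result[fingerprint(fields[i + 1])] = " ".join(fields[i + 2:])
                break
    return result

def diagnose(log_text, authorized_keys_text):
    """Return (offered, matched): keys the client sent, and those the server file lists."""
    allowed = authorized_fingerprints(authorized_keys_text)
    offered = offered_fingerprints(log_text)
    return offered, [fp for fp in offered if fp in allowed]
```

A non-empty `offered` list with an empty `matched` list means the `authorized_keys` file that was checked does not contain the key the client sent, which points at the wrong account or the wrong public key rather than at the key's file name.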
