cygwin上的公钥认证问题 [英] Public key authentication issues on cygwin

问题描述

我一直在尝试ssh localhost在cygwin（我使用WIndows 7），但它不断要求密码。

I've been trying "ssh localhost" on cygwin (I use WIndows 7), but it keeps asking for the password.

当我执行ssh -vvv localhost时，我发现公钥认证没有发生（或失败）。因此，它要求输入密码。

When I did "ssh -vvv localhost", I found out that the public key authentications were not happening (or failing). Hence, it was asking for the password.

debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: start over, passed a different list publickey,password,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/xxxxxxxx/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password,keyboard-interactive

我不确定是否无法读取authorized_keys文件，或者是否有超时问题，还是认证失败？有任何方法可以获取更多详细信息吗？

我已经完成以下步骤：

• ssh-host-config。


• 生成RSA密钥并将其添加到authorized_keys文件。


• net start sshd


• ssh localhost

• ssh-host-config. Answered yes to all.
• Generated the RSA key and added it to the authorized_keys file.
• net start sshd
• ssh localhost

这些是权限：

-rw------- 1 xxxxxxxx mkgroup  402 May 18 16:34 authorized_keys
-rw------- 1 xxxxxxxx mkgroup 1675 May 18 16:33 id_rsa
-rw-r--r-- 1 xxxxxxxx mkgroup  402 May 18 16:33 id_rsa.pub
-rw-r--r-- 1 xxxxxxxx mkgroup  171 May 18 14:33 known_hosts

还有一些问题：
- 组显示为mkgroup。
- 用户xxxxxxxx不存在于本地主机，我猜。
它不显示在net user sshd中。 xxxxxxxx是域帐户。
这是否会导致公钥认证问题？

There are a couple of issues as well: - The group is displayed as mkgroup. - The user "xxxxxxxx" does not exist in the localhost, I guess. It was not displayed in "net user sshd". "xxxxxxxx" is a Domain account. Could this be causing the public key authentication issue?

只是为了看看输出是否有任何不同，我删除了authorized_keys文件并尝试。输出没有差别。它仍然发送分组并且进行到下一验证模式。没有错误消息。有没有其他方法获得更多的细节（我是Cygwin和SSH n00b）？我想在阅读authorized_keys文件时发现它失败。

Just to see if there is any difference in the output, I deleted the authorized_keys file and tried. There was no difference in the output. It still sends a packet and proceeds to the next mode of authentication. There is no error message. Is there any other way to get more details (I'm a Cygwin and SSH n00b)? I would like to find it fails while reading the authorized_keys file.

推荐答案

快速复查，添加您的公钥或private key to authorized_keys？它需要是您的公钥。

Quick double-check, did you add your public key or private key to authorized_keys? It needs to be your public key.

我注意到服务器没有响应服务器接受密钥...在收到您的pubkey_test和我已经看到当您连接到的服务器上的authorized_keys文件缺少公钥时。您应该看到：

I notice that the server is not responding with a "Server accepts key..." upon receipt of your pubkey_test and I have seen that when the public key is missing from the authorized_keys file on the server you're connecting to. You should see:

debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 279

最简单的设置方法是使用ssh-copy-id来做工作，例如：

Easiest way to set it up is to use ssh-copy-id to do the work, e.g.,:

# ssh-copy-id localhost

这将创建具有正确权限的authorized_keys文件。运行此操作时，系统将提示您输入密码，因为服务器没有密钥。一旦该命令成功运行，您就可以使用您的身份文件简单地ssh到服务器。注意，ssh_config默认身份文件为〜/ .ssh / identity，〜/ .ssh / id_rsa，〜/ .ssh / id_dsa，所以如果你想使用不同的文件，你应该在〜/ .ssh中设置一个别名/ config。

That will create your authorized_keys file with the correct permissions. When you run this, you will be prompted for your password, because the server doesn't have the key. Once this command runs successfully, you'll be able to simply ssh to the server using your identity file. Note that ssh_config defaults the identity file to ~/.ssh/identity, ~/.ssh/id_rsa, ~/.ssh/id_dsa, so if you want to use a different file, you should set up an alias in ~/.ssh/config.

希望这有帮助。

这篇关于cygwin上的公钥认证问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！