首页 > 系统相关 >SSH 登陆 Windows 时踩过的坑

SSH 登陆 Windows 时踩过的坑

时间:2024-04-22 19:56:14浏览次数:34  
标签:debug1 Users Windows MyUser SSH key 登陆 id ssh

有一次处于某些原因我在 Mac 上使用 SSH 远程登陆了 Windows,然后在 Windows 上使用 SSH 登陆 localhost,惊讶地发现登不进去!SSH 提示公钥验证失败。可是我的 Windows 使用的私钥和 Mac 是一样的,并且以前在 Windows 上也一直可以登陆 localhost,为什么今天突然不行了呢?

抱着百思不得姐的心情我开始了 debug。

我首先使用 ssh -v 命令查看连接过程中的日志:

$ ssh localhost -v
OpenSSH_for_Windows_8.6p1, LibreSSL 3.4.3
debug1: Reading configuration data C:\\Users\\MyUser/.ssh/config
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
debug1: Connecting to localhost [::1] port 22.
debug1: Connection established.
debug1: identity file C:\\Users\\MyUser/.ssh/id_rsa type 0
debug1: identity file C:\\Users\\MyUser/.ssh/id_rsa-cert type -1
debug1: identity file C:\\Users\\MyUser/.ssh/id_dsa type -1
debug1: identity file C:\\Users\\MyUser/.ssh/id_dsa-cert type -1
debug1: identity file C:\\Users\\MyUser/.ssh/id_ecdsa type -1
debug1: identity file C:\\Users\\MyUser/.ssh/id_ecdsa-cert type -1
debug1: identity file C:\\Users\\MyUser/.ssh/id_ecdsa_sk type -1
debug1: identity file C:\\Users\\MyUser/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file C:\\Users\\MyUser/.ssh/id_ed25519 type -1
debug1: identity file C:\\Users\\MyUser/.ssh/id_ed25519-cert type -1
debug1: identity file C:\\Users\\MyUser/.ssh/id_ed25519_sk type -1
debug1: identity file C:\\Users\\MyUser/.ssh/id_ed25519_sk-cert type -1
debug1: identity file C:\\Users\\MyUser/.ssh/id_xmss type -1
debug1: identity file C:\\Users\\MyUser/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.6
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.9p1 Ubuntu-3ubuntu0.7
debug1: compat_banner: match: OpenSSH_8.9p1 Ubuntu-3ubuntu0.7 pat OpenSSH* compat 0x04000000
debug1: Authenticating to localhost:22 as 'windows11'
debug1: load_hostkeys: fopen C:\\Users\\MyUser/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen __PROGRAMDATA__\\ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen __PROGRAMDATA__\\ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-ed25519 SHA256:SWsZo54/ljQNSNSieY+AyQ27sbR31qWnyCbv7hzkarg
debug1: load_hostkeys: fopen C:\\Users\\MyUser/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen __PROGRAMDATA__\\ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen __PROGRAMDATA__\\ssh/ssh_known_hosts2: No such file or directory
debug1: Host 'localhost' is known and matches the ED25519 host key.
debug1: Found key in C:\\Users\\MyUser/.ssh/known_hosts:1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: pubkey_prepare: ssh_get_authentication_socket: No such file or directory
debug1: Will attempt key: C:\\Users\\MyUser/.ssh/id_rsa RSA SHA256:Mqzkt00T7hxTv3hB2xbvKm7fron2ScNtlaNRbtuntvk
debug1: Will attempt key: C:\\Users\\MyUser/.ssh/id_dsa
debug1: Will attempt key: C:\\Users\\MyUser/.ssh/id_ecdsa
debug1: Will attempt key: C:\\Users\\MyUser/.ssh/id_ecdsa_sk
debug1: Will attempt key: C:\\Users\\MyUser/.ssh/id_ed25519
debug1: Will attempt key: C:\\Users\\MyUser/.ssh/id_ed25519_sk
debug1: Will attempt key: C:\\Users\\MyUser/.ssh/id_xmss
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,[email protected],ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected]>   
debug1: kex_input_ext_info: [email protected] (unrecognised)
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: C:\\Users\\MyUser/.ssh/id_rsa RSA SHA256:Mqzkt00T7hxTv3hB2xbvKm7fron2ScNtlaNRbtuntvk
debug1: Authentications that can continue: publickey
debug1: Trying private key: C:\\Users\\MyUser/.ssh/id_dsa
debug1: Trying private key: C:\\Users\\MyUser/.ssh/id_ecdsa
debug1: Trying private key: C:\\Users\\MyUser/.ssh/id_ecdsa_sk
debug1: Trying private key: C:\\Users\\MyUser/.ssh/id_ed25519
debug1: Trying private key: C:\\Users\\MyUser/.ssh/id_ed25519_sk
debug1: Trying private key: C:\\Users\\MyUser/.ssh/id_xmss
debug1: No more authentication methods to try.
MyUser@localhost: Permission denied (publickey).

在日志中我发现了这样一行记录:

debug1: Remote protocol version 2.0, remote software version OpenSSH_8.9p1 Ubuntu-3ubuntu0.7

奇怪,我在 Windows 上连接 localhost,怎么连到一个 Ubuntu 版本的 OpenSSH 上了?

我立马想到了 WSL。

于是我使用 wsl --shutdown 命令关闭了所有 WSL 实例,再次尝试连接。

SSH 再次提示我远程主机的指纹变了,删除 known_hosts 后再次尝试,连接成功:

$ wsl --shutdown
$ ssh localhost
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ED25519 key sent by the remote host is
SHA256:DHrLaqaBwTvslmpHDDUMma3P62c9xQrqDNj+v/DFAww.
Please contact your system administrator.
Add correct host key in C:\\Users\\MyUser/.ssh/known_hosts to get rid of this message.
Offending ED25519 key in C:\\Users\\MyUser/.ssh/known_hosts:1
Host key for localhost has changed and you have requested strict checking.
Host key verification failed.
$ rm .\known_hosts
$ ssh localhost
The authenticity of host 'localhost (::1)' can't be established.
ED25519 key fingerprint is SHA256:DHrLaqaBwTvslmpHDDUMma3P62c9xQrqDNj+v/DFAww.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'localhost' (ED25519) to the list of known hosts.
>

确实是 WSL 在捣鬼。不过刚刚关闭 WSL 的时候 Docker 也自动退出了。之前我在 WSL 上并没有设置过有关网络镜像的配置,为什么会把 Windows 宿主机上的 localhost 映射到 WSL Ubuntu 虚拟机上呢?不过我的 WSL Ubuntu 共用宿主机的 Docker Desktop,会不会和 Docker Desktop 有关呢?

于是我打开了 WSL,但是关闭了 Docker Desktop,再次尝试连接 localhost,成功连接。

此时我再打开 Docker Desktop,然后尝试连接 localhost,于是发生了和开头相同的一幕:SSH 提示我远程主机指纹发生变化,删除 known_hosts 文件后再次尝试连接,提示公钥验证失败。

这时我想起 WSL Ubuntu 上设置的用户名和 Windows 不同,于是我在 ssh 命令中加上了 Ubuntu 用户名,再次尝试连接,成功登陆 WSL Ubuntu。

这个 Docker Desktop 真是奇怪,它的网络问题把我搞晕好几次了!

标签:debug1,Users,Windows,MyUser,SSH,key,登陆,id,ssh
From: https://www.cnblogs.com/Undefined443/p/18151271

相关文章

  • windows清理图标缓存
    bat文件内容::终止WindowsExplorer进程,用于重新加载桌面和任务栏taskkill/f/imexplorer.exe::取消设置图标缓存文件的隐藏属性和系统属性attrib-h-i%userprofile%\AppData\Local\IconCache.db::删除图标缓存文件,以便系统重新生成图标缓存del%userprofile%\Ap......
  • 使用nssm在windows服务器上部署nodejs
    在Linux上,可以轻松的使用forever或者pm2来部署nodejs应用。但是在windows下就麻烦了,pm2明确的说支持Linux&MacOS,forever在windows下貌似问题多多:  另外还有一个选择就是iisnode,这个有空研究一下,今天先说下比较简单的nssm。nssm会监控你安装的node服务,如果node挂了,nssm会......
  • 使用命令行 Windows 修改文件权限
    向文件添加管理员组和系统组的完全访问权限(F)icacls<file>/inheritance:r/grant"Administrators:F"/grant"SYSTEM:F"将<file>替换为你的文件名向文件添加指定用户(组)的完全访问权限(F)首先查询该用户的SID:$Get-LocalUser|Select-ObjectName,SIDName......
  • #include <windows.h> 无法打开源文件windows.h
    问题描述原因是之前清C盘的时候把WindowsSDK给卸了,这样的话在应用程序里就搜不到Windowssoftwaredevelopmentkit(下图是下回来后) 打开这个路径C:\ProgramFiles(x86)\WindowsKits\10\Include\10.0.10240.0(版本号可能不同)下面也没有um文件夹只有ucrt文件夹windows.h通常......
  • 关于 Envoy on Windows
    WindowImageinhub.cocker.comenvoy的镜像位于https://hub.docker.com/u/envoyproxy之下,其中Windows包括如下4个版本。envoy-windowshttps://hub.docker.com/r/envoyproxy/envoy-windowsenvoy-windows-devhttps://hub.docker.com/r/envoyproxy/envoy-windows-deve......
  • Windows快速安装Rust
    本文是最简最快最小化安装重点提示:如果不想安装VS消耗时间和6-8G的空间,可以按本文安装。如果系统中已经安装了VS,那么直接运行rustup-init安装Rust,并一路回车即可。前置条件:安装C++环境rust底层是依赖C环境的连接器,所以需要先安装C/C++编译环境,点击下载64位mingw-builds......
  • Windows Server 2008 R2 OVF, updated Apr 2024 (sysin) - VMware 虚拟机模板
    WindowsServer2008R2OVF,updatedApr2024(sysin)-VMware虚拟机模板WindowsServer2008R2简体中文版OVF,2024年4月更新请访问原文链接:WindowsServer2008R2OVF,updatedApr2024(sysin)-VMware虚拟机模板,查看最新版。原创作品,转载请保留出处。作者主......
  • Windows 7 & Windows Server 2008 R2 简体中文版下载 (updated Apr 2024)
    Windows7&WindowsServer2008R2简体中文版下载(updatedApr2024)Windows7&WindowsServer2008R2(2024年4月更新)请访问原文链接:Windows7&WindowsServer2008R2简体中文版下载(updatedApr2024),查看最新版。原创作品,转载请保留出处。作者主页:sysin.org......
  • Windows Server 2022 OVF, updated Apr 2024 (sysin) - VMware 虚拟机模板
    WindowsServer2022OVF,updatedApr2024(sysin)-VMware虚拟机模板2024年4月版本更新,现在自动运行sysprep,支持ESXiHostClient部署请访问原文链接:WindowsServer2022OVF,updatedApr2024(sysin)-VMware虚拟机模板,查看最新版。原创作品,转载请保留出处。作......
  • Windows Server 2022 中文版、英文版下载 (updated Apr 2024)
    WindowsServer2022中文版、英文版下载(updatedApr2024)WindowsServer2022正式版,x64请访问原文链接:WindowsServer2022中文版、英文版下载(updatedApr2024),查看最新版。原创作品,转载请保留出处。作者主页:sysin.org此次发布更新了什么?答:版本号,当然还有…2021.09......