首页 > 系统相关 >Linux 做 SSH 免密连接 Windows 踩坑记录

Linux 做 SSH 免密连接 Windows 踩坑记录

时间:2024-08-16 19:49:38浏览次数:16  
标签:debug1 debug3 免密 Windows packet debug2 SSH type ssh

做 Linux SSH 免密连接 Windows 10 时踩到个坑,按照教程做了以下操作:

  1. 把 Linux 上生成的 id_rsa.pub 复制到了 Windows 10 下的C:/Users/<用户名>/authorized_keys;
  2. 修改C:\ProgramData\ssh\sshd_config,注释以下两行
    # Match Group administrators
    #        AuthorizedKeysFile __PROGRAMDATA__/ssh/administrators_authorized_keys
    
    去掉注释并修改以下三行
    PubkeyAuthentication yes
    AuthorizedKeysFile	.ssh/authorized_keys
    PasswordAuthentication yes
    
  3. 在服务中重启OpenSSH SSH Server

但 Linux SSH 连接 Windows 10 仍然需要输入密码。

输入 ssh -vvv <username>@<hostname> 查看详细信息,如下图所示

debug1: Found key in /root/.ssh/known_hosts:3
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug2: key: /root/.ssh/id_rsa (0x55e2db0f5e30)
debug2: key: /root/.ssh/id_dsa ((nil))
debug2: key: /root/.ssh/id_ecdsa ((nil))
debug2: key: /root/.ssh/id_ed25519 ((nil))
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,keyboard-interactive
debug3: start over, passed a different list publickey,keyboard-interactive
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /root/.ssh/id_rsa
debug3: send_pubkey_test
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Trying private key: /root/.ssh/id_dsa
debug3: no such identity: /root/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /root/.ssh/id_ecdsa
debug3: no such identity: /root/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /root/.ssh/id_ed25519
debug3: no such identity: /root/.ssh/id_ed25519: No such file or directory
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug3: send packet: type 50
debug2: we sent a keyboard-interactive packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,keyboard-interactive
debug3: userauth_kbdint: disable: no info_req_seen
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey,keyboard-interactive).

问题大概出在这里

debug1: Offering RSA public key: /root/.ssh/id_rsa
debug3: send_pubkey_test
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51

折腾一下午找到解决方案如下:

修改vim /etc/ssh/sshd_config, 去掉以下行注释并修改为no

StrictModes no

在服务中重启 OpenSSH SSH Server 即可,测试免密登录成功。

网上找到的原因是如果 StrictModes 为 yes 必需保证存放公钥的文件夹的拥有与登录用户名相同,但我看.ssh的拥有者确实是与登录用户名相同的。Windows的权限机制不是太了解,以后会再研究下。

标签:debug1,debug3,免密,Windows,packet,debug2,SSH,type,ssh
From: https://www.cnblogs.com/SquidSea/p/18363540

相关文章

  • utilman.exe 是 Windows 操作系统中的一个系统工具程序,全称为 Utility Manager。它的
    utilman.exe(实用工具管理器)在Windows系统中主要用于启动辅助功能工具,但它也曾经被发现存在一些安全漏洞。这些漏洞通常利用utilman.exe的特性进行权限提升或绕过安全机制。以下是一些已知的与utilman.exe相关的公开漏洞:1. CVE-2019-0708(BlueKeep)描述:这个漏洞影响了......
  • Ettercap 是一个用于网络嗅探和中间人攻击的开源工具,主要用于网络安全测试和分析。它
    Ettercap是一个用于网络嗅探和中间人攻击的开源工具,主要用于网络安全测试和分析。它支持多种平台,包括Linux、Windows和macOS。Ettercap可以用来监视、分析、和修改网络流量,通常用于测试和审计网络的安全性。以下是Ettercap的一些主要功能和特点:主要功能嗅探和分析网络......
  • MNN框架在windows上的部署
    一、MNN.lib文件等的生成算是第一次接触MNN框架部署这部分内容吧,对整个流程都不是很理解,故先从官方文档入手先从github下载官方的项目,地址为:https://github.com/alibaba/MNN使用visualstudio的powershell打开,执行官网给出的指令cdpath/to/MNNpowershell./schema/generat......
  • 实现Windows之间(win10)的桌面连接的三步走方法
    实现Windows之间(win10)的远程桌面连接的三步走方法‍目录‍目录实现Windows之间(win10)的远程桌面连接的三步走方法目录环境step1:打开两台Windows电脑的远程桌面连接step2:运行窗口输入mstsc​命令后,打开远程桌面连接窗口step3:输入目标计算机的IP地址后,再输入对应的用户名和密码......
  • Windows操作系统远程桌面端口修改脚本
    change_rdsport_CN.bat:@echooffcolorf0echo修改远程桌面3389端口(支持Windows2003,2008,2008R2,2012,2012R2,7,8,10)echo自动添加防火墙规则set/pc=请输入新的端口:if"%c%"==""gotoend:editnetshadvfirewallfirewalladdrulename="RemotePortNum......
  • 实现Windows之间(win10)的桌面连接的三步走方法
    实现Windows之间(win10)的桌面连接的三步走方法‍目录‍目录实现Windows之间(win10)的桌面连接的三步走方法目录环境step1:打开两台Windows电脑的桌面连接step2:运行窗口输入mstsc​命令后,打开远程桌面连接窗口step3:输入目标计算机的IP地址后,再输入对应的用户名和密码即可连接‍......
  • 记net 7.0 使用Windows 批处理 和exe 程序的快速打包 更新
     如图,项目路径,我们使用publis.bat批处理进行项目打包,将编译的项目文件压缩成zip包放到publish文件夹@echooffsetcur_path=%~dp0 setfe_build_path=%cur_path%build\setbe_pub_path=%cur_path%publish\setcompress_tool=%cur_path%tools\7za.exeecho*当前地......
  • linux expect,linux ssh免密登录
    一、概述1.0ssh免密登录最佳实践二、expect工具实现免密交互Expect是一个免费的编程工具语言,用来实现自动和交互式任务进行通信,而无需人的干预。CentOS安装:yuminstallexpect-yCentOS离线安装方式:https://www.cnblogs.com/tozh/p/10096688.html安装结束记得看一下exp......
  • 获取Windows个性化中自带的聚焦锁屏
    想要保存登录屏幕(锁屏界面)的背景图片,可以通过以下脚本一键获取:@echooffsetlocalenabledelayedexpansion::WindowsSpotlight锁屏图片资源地址set"sourcePath=%localappdata%\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\LocalState\Assets"::......
  • 远程开发之sshfs挂载到wsl
    为应对回调问题而远程开发。远程太慢,便挂载本地,但是windows直接sshfs挂载一直掉。win10启用wsl,把远程挂载过来[email protected]:\path~/path如果你也是上述问题,那么很肯定是权限问题。使用:-C-oreconnect,uid=$(id-u),gid=$(id-g),umask=000如上还是不能访......