我使用 Ubuntu 16.04。
我想通过单独的配置文件建立到亚马逊服务的 ssh 连接。
此外,我需要将文件从一台服务器传输到另一台服务器,这篇文章建议使用单独的配置文件。
当我使用它时它连接
ssh -i ~/Desktop/ssh_keys/prod.pem ec2-user@***.***.***.***
但当我使用单独的配置时则不然:
ssh -F ~/Desktop/ssh_keys/scp_config prod
scp_config:
Host prod
HostName ***.***.***.***
User ec2-user
CertificateFile ~/Desktop/ssh_keys/prod.pem
调试信息:
OpenSSH_7.2p2 Ubuntu-4ubuntu2.8, OpenSSL 1.0.2g 1 Mar 2016
debug1: Reading configuration data /home/user/Desktop/ssh_keys/scp_config
debug1: /home/user/Desktop/ssh_keys/scp_config line 1: Applying options for prod
debug1: Connecting to ***.***.***.*** [***.***.***.***] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: certificate file /home/user/Desktop/ssh_keys/prod.pem type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
debug1: match: OpenSSH_7.4 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 174.129.126.138:22 as 'ec2-user'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: [email protected]
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ****************
SHA256: ********************
debug1: Host '***.***.***.*** is known and matches the ECDSA host key.
debug1: Found key in /root/.ssh/known_hosts:8
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Trying private key: /root/.ssh/id_ecdsa
debug1: Trying private key: /root/.ssh/id_ed25519
debug1: No more authentication methods to try.
Permission denied (publickey).
我的设置有什么问题?
您应该使用 IdentityFile 参数来指定您的私钥。
IdentityFile指定从中读取用户 RSA 身份验证身份的文件。
scp_config:
Host prod
HostName ***.***.***.***
User ec2-user
IdentityFile ~/Desktop/ssh_keys/prod.pem
CertificateFile 指定从中读取用户证书的文件。必须单独提供相应的私钥才能使用此证书从 IdentityFile 指令或 -i 标志到 ssh
IdentityFile 也可以与 CertificateFile 结合使用,以提供身份验证所需的任何证书。
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句