用SSH密钥配置一个新的数字海洋液滴。当我运行ssh-copy-id时,这是我得到的:
ssh-copy-id user@012.345.67.89
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
sign_and_send_pubkey: signing failed: agent refused operation
user@012.345.67.89's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'user@012.345.67.89'"
and check to make sure that only the key(s) you wanted were added.
然而,当我尝试ssh时,会发生这种情况:
ssh user@012.345.67.89
sign_and_send_pubkey: signing failed: agent refused operation
user@012.345.67.89's password:
输入密码后,我可以正常登录,但这当然违背了创建SSH密钥的初衷。我决定看看ssh-agent服务器端,下面是我得到的:
user@012.345.67.89:~# eval `ssh-agent -s`
Agent pid 5715
user@012.345.67.89:~# ssh-add -l
The agent has no identities.
用户/。Ssh /authorized_keys也包含Ssh -rsa密钥条目,但是find name "keynamehere"没有返回任何内容。
正如其他人所提到的,这个错误可能有多种原因。
如果您正在使用SSH with Smart Card (PIV),并将该卡添加到SSH -agent with
Ssh-add -s /usr/lib64/pkcs11/opensc-pkcs11.so
你可能会得到错误
Sign_and_send_pubkey:签名失败:代理拒绝操作
如果PIV身份验证已经过期,或者如果您已经移除并重新插入PIV卡,则从ssh登录。
在这种情况下,如果你尝试执行另一个ssh-add -s,你仍然会得到一个错误:
无法添加卡片"/usr/lib64/opensc-pkcs11。所以:代理拒绝操作
根据RedHat Bug 1609055 - pkcs11在代理中的支持是笨拙的,你反而需要做
ssh-add -e /usr/lib64/opensc-pkcs11.so
ssh-add -s /usr/lib64/opensc-pkcs11.so
对于这个错误:
# git pull
sign_and_send_pubkey: signing failed: agent refused operation
git@github.com: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights and the repository exists.
在Github帐户>配置文件> ssh中再次验证或添加公钥。
我是这样解决的:
# chmod 400 ~/.ssh/id_rsa
# ls ~/.ssh/id_rsa -ls
4 -r--------. 1 reinaldo reinaldo 1679 Jul 26 2017 /home/reinaldo/.ssh/id_rsa
# git pull
remote: Counting objects: 35, done.
remote: Compressing objects: 100% (19/19), done.
remote: Total 35 (delta 9), reused 34 (delta 9), pack-reused 0
Unpacking objects: 100% (35/35), done.
谢谢你!
