我在我的mac上生成了一个ssh密钥对,并将公钥添加到我的ubuntu服务器上(实际上,它是我mac上的一个虚拟机),但是当我尝试登录ubuntu服务器时,它说:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/Users/tudouya/.ssh/vm/vm_id_rsa.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /Users/tudouya/.ssh/vm/vm_id_rsa.pub
Permission denied (publickey,password).

我尝试了很多方法来解决这个问题,改变密钥文件模式,改变文件夹模式,作为一些答案在stackoverflow上,但它不起作用。 密钥文件权限:

vm dir:
drwxr-xr-x   4 tudouya  staff    136  4 29 10:37 vm

key file:
-rw-------  1 tudouya  staff  1679  4 29 10:30 vm_id_rsa
-rw-r--r--  1 tudouya  staff   391  4 29 10:30 vm_id_rsa.pub

请给我一些建议…… ========================================= 我将主机信息写入ssh_config:

Host ubuntuvm
    Hostname 10.211.55.17
    PreferredAuthentications publickey
    IdentityFile /Users/tudouya/.ssh/vm/vm_id_rsa.pub

执行命令“ssh -v ubuntu tuvm”,显示如下:

ssh -v ubuntuvm
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: /etc/ssh_config line 103: Applying options for *
debug1: /etc/ssh_config line 175: Applying options for ubuntuvm
debug1: Connecting to 10.211.55.17 [10.211.55.17] port 22.
debug1: Connection established.
debug1: identity file /Users/tudouya/.ssh/vm/vm_id_rsa.pub type 1
debug1: identity file /Users/tudouya/.ssh/vm/vm_id_rsa.pub-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-8
debug1: match: OpenSSH_6.6.1p1 Ubuntu-8 pat OpenSSH*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5-etm@openssh.com none
debug1: kex: client->server aes128-ctr hmac-md5-etm@openssh.com none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 55:6d:4f:0f:23:51:ac:8e:70:01:ec:0e:62:9e:1c:10
debug1: Host '10.211.55.17' is known and matches the RSA host key.
debug1: Found key in /Users/tudouya/.ssh/known_hosts:54
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/tudouya/.ssh/vm/vm_id_rsa.pub
debug1: Server accepts key: pkalg ssh-rsa blen 279
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/Users/tudouya/.ssh/vm/vm_id_rsa.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /Users/tudouya/.ssh/vm/vm_id_rsa.pub
debug1: No more authentication methods to try.
Permission denied (publickey,password).

当前回答

我建议你这样做:

chmod 400 ~/.ssh/id_rsa

这对我来说很有效。

其他回答

那些建议chmod 400 id_rsa的人。酒吧听起来一点也不对。op很可能使用pub密钥而不是私钥来ssh。

因此,它可能就像ssh -i /Users/tudouya/一样简单。Ssh /vm/vm_id_rsa(私钥)user@host进行修复。

——更新——

查看这篇文章https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys--2了解如何设置ssh密钥

很多类似的答案,但没有解释…

引发此错误是因为私钥文件权限太开放。这是一个安全风险。

将私钥文件的权限更改为最小(所有者只读)

更改所有者chown <unix-name> <private-key-file> 设置最小权限(只读文件所有者)chmod 400 <private-key-file>

debug1: identity file /Users/tudouya/.ssh/vm/vm_id_rsa.pub type 1

似乎您试图使用错误的密钥文件。带有“。”Pub”扩展包含密钥的公共部分。对应的文件不带“。Pub”扩展包含密钥的私有部分。当运行ssh客户端连接到远程服务器时,必须向ssh客户端提供私钥文件。

你可能在你的.ssh/config文件(或/etc/ssh_config)中有这样一行:

IdentityFile .../.ssh/vm/vm_id_rsa.pub

您需要删除“。Pub "从文件名扩展:

IdentityFile .../.ssh/vm/vm_id_rsa

密钥应该是可读的登录用户。

试试这个:

chmod 400 ~/.ssh/Key file
chmod 400 ~/.ssh/vm_id_rsa.pub

在运行以下命令后,它为我工作

sudo chmod 600 /path/to/my/key.pem