teratail
回答率
85.47%
質問するログイン新規登録
トップに関する質問ssh ログインに失敗する

編集履歴

質問編集履歴

3

削除された内容の復元を行いました

2020/03/03 10:32

投稿

退会済みユーザー
test CHANGED
@@ -1 +1 @@
1
- テストテストテストテスト
1
+ ssh ログインに失敗する
test CHANGED
@@ -1,3 +1,269 @@
1
- 推測ですが、user1 の鍵ファイルの所有者、パーミッションが不適切であるめに妥当な鍵として認識されないと考えられます。 こういう場合、rootのターミナルを残した状態でuser1のログインを試す方が安全ですね。 解決策は、すみません、ログインしたい実機を触れる状態以外思いつきませんでした。
2
-
3
- 鍵のペアを作り、それをどこに配置したのかを明記されるとよろしいかと思います。user1行ったのですよね?。-iオプショを指定して、明示的に作成た鍵を指定するとどうなりすか? た、known_hostsファイルを一度削除してから試されると良いです。
1
+ ### 前提・実現したい
2
+
3
+ ローカルからsshログイに失敗してしまます。
4
+
5
+ rootでuser1を作成後に公開鍵認証を行おうとして、鍵のペアを作りsshdを更新後シェルを閉じ、公開鍵認証でuser1でログインしようとしたら上記のエラーが出ました。
6
+
7
+ ### 発生している問題・エラーメッセージ
8
+
9
+ ```
10
+
11
+ # ssh user1@v150-95-210-159.oqw3.static.cnode.io
12
+
13
+ Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
14
+
15
+ ```
16
+
17
+ ```ここに言語を入力
18
+
19
+ #ssh -vvv v150-95-210-159.oqw3.static.cnode.io
20
+
21
+ OpenSSH_7.9p1, LibreSSL 2.7.3
22
+
23
+ debug1: Reading configuration data /etc/ssh/ssh_config
24
+
25
+ debug1: /etc/ssh/ssh_config line 48: Applying options for *
26
+
27
+ debug2: resolving "v150-95-210-159.oqw3.static.cnode.io" port 22
28
+
29
+ debug2: ssh_connect_direct
30
+
31
+ debug1: Connecting to v150-95-210-159.oqw3.static.cnode.io [150.95.210.159] port 22.
32
+
33
+ debug1: Connection established.
34
+
35
+ debug1: identity file /Users/aoyamaryuta/.ssh/id_rsa type 0
36
+
37
+ debug1: identity file /Users/aoyamaryuta/.ssh/id_rsa-cert type -1
38
+
39
+ debug1: identity file /Users/aoyamaryuta/.ssh/id_dsa type -1
40
+
41
+ debug1: identity file /Users/aoyamaryuta/.ssh/id_dsa-cert type -1
42
+
43
+ debug1: identity file /Users/aoyamaryuta/.ssh/id_ecdsa type -1
44
+
45
+ debug1: identity file /Users/aoyamaryuta/.ssh/id_ecdsa-cert type -1
46
+
47
+ debug1: identity file /Users/aoyamaryuta/.ssh/id_ed25519 type -1
48
+
49
+ debug1: identity file /Users/aoyamaryuta/.ssh/id_ed25519-cert type -1
50
+
51
+ debug1: identity file /Users/aoyamaryuta/.ssh/id_xmss type -1
52
+
53
+ debug1: identity file /Users/aoyamaryuta/.ssh/id_xmss-cert type -1
54
+
55
+ debug1: Local version string SSH-2.0-OpenSSH_7.9
56
+
57
+ debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
58
+
59
+ debug1: match: OpenSSH_7.4 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002
60
+
61
+ debug2: fd 5 setting O_NONBLOCK
62
+
63
+ debug1: Authenticating to v150-95-210-159.oqw3.static.cnode.io:22 as 'aoyamaryuta'
64
+
65
+ debug3: hostkeys_foreach: reading file "/Users/aoyamaryuta/.ssh/known_hosts"
66
+
67
+ debug3: record_hostkey: found key type ECDSA in file /Users/aoyamaryuta/.ssh/known_hosts:3
68
+
69
+ debug3: load_hostkeys: loaded 1 keys from v150-95-210-159.oqw3.static.cnode.io
70
+
71
+ debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
72
+
73
+ debug3: send packet: type 20
74
+
75
+ debug1: SSH2_MSG_KEXINIT sent
76
+
77
+ debug3: receive packet: type 20
78
+
79
+ debug1: SSH2_MSG_KEXINIT received
80
+
81
+ debug2: local client KEXINIT proposal
82
+
83
+ debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
84
+
85
+ debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
86
+
87
+ debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
88
+
89
+ debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
90
+
91
+ debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
92
+
93
+ debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
94
+
95
+ debug2: compression ctos: none,zlib@openssh.com,zlib
96
+
97
+ debug2: compression stoc: none,zlib@openssh.com,zlib
98
+
99
+ debug2: languages ctos:
100
+
101
+ debug2: languages stoc:
102
+
103
+ debug2: first_kex_follows 0
104
+
105
+ debug2: reserved 0
106
+
107
+ debug2: peer server KEXINIT proposal
108
+
109
+ debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
110
+
111
+ debug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
112
+
113
+ debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc
114
+
115
+ debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc
116
+
117
+ debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
118
+
119
+ debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
120
+
121
+ debug2: compression ctos: none,zlib@openssh.com
122
+
123
+ debug2: compression stoc: none,zlib@openssh.com
124
+
125
+ debug2: languages ctos:
126
+
127
+ debug2: languages stoc:
128
+
129
+ debug2: first_kex_follows 0
130
+
131
+ debug2: reserved 0
132
+
133
+ debug1: kex: algorithm: curve25519-sha256
134
+
135
+ debug1: kex: host key algorithm: ecdsa-sha2-nistp256
136
+
137
+ debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
138
+
139
+ debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
140
+
141
+ debug3: send packet: type 30
142
+
143
+ debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
144
+
145
+ debug3: receive packet: type 31
146
+
147
+ debug1: Server host key: ecdsa-sha2-nistp256 SHA256:cTwGlPQehbkQ5LF07+MdMabVAYmqpLkfr6opUUMp2sM
148
+
149
+ debug3: hostkeys_foreach: reading file "/Users/aoyamaryuta/.ssh/known_hosts"
150
+
151
+ debug3: record_hostkey: found key type ECDSA in file /Users/aoyamaryuta/.ssh/known_hosts:3
152
+
153
+ debug3: load_hostkeys: loaded 1 keys from v150-95-210-159.oqw3.static.cnode.io
154
+
155
+ debug3: hostkeys_foreach: reading file "/Users/aoyamaryuta/.ssh/known_hosts"
156
+
157
+ debug3: record_hostkey: found key type ECDSA in file /Users/aoyamaryuta/.ssh/known_hosts:4
158
+
159
+ debug3: load_hostkeys: loaded 1 keys from 150.95.210.159
160
+
161
+ debug1: Host 'v150-95-210-159.oqw3.static.cnode.io' is known and matches the ECDSA host key.
162
+
163
+ debug1: Found key in /Users/aoyamaryuta/.ssh/known_hosts:3
164
+
165
+ debug3: send packet: type 21
166
+
167
+ debug2: set_newkeys: mode 1
168
+
169
+ debug1: rekey after 134217728 blocks
170
+
171
+ debug1: SSH2_MSG_NEWKEYS sent
172
+
173
+ debug1: expecting SSH2_MSG_NEWKEYS
174
+
175
+ debug3: receive packet: type 21
176
+
177
+ debug1: SSH2_MSG_NEWKEYS received
178
+
179
+ debug2: set_newkeys: mode 0
180
+
181
+ debug1: rekey after 134217728 blocks
182
+
183
+ debug1: Will attempt key: /Users/aoyamaryuta/.ssh/id_rsa RSA SHA256:ZNYMIGyMpLlMRMlZMxgQO4TZ3m3Bi0VnxiwfdzcX6ys
184
+
185
+ debug1: Will attempt key: /Users/aoyamaryuta/.ssh/id_dsa
186
+
187
+ debug1: Will attempt key: /Users/aoyamaryuta/.ssh/id_ecdsa
188
+
189
+ debug1: Will attempt key: /Users/aoyamaryuta/.ssh/id_ed25519
190
+
191
+ debug1: Will attempt key: /Users/aoyamaryuta/.ssh/id_xmss
192
+
193
+ debug2: pubkey_prepare: done
194
+
195
+ debug3: send packet: type 5
196
+
197
+ debug3: receive packet: type 7
198
+
199
+ debug1: SSH2_MSG_EXT_INFO received
200
+
201
+ debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
202
+
203
+ debug3: receive packet: type 6
204
+
205
+ debug2: service_accept: ssh-userauth
206
+
207
+ debug1: SSH2_MSG_SERVICE_ACCEPT received
208
+
209
+ debug3: send packet: type 50
210
+
211
+ debug3: receive packet: type 51
212
+
213
+ debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
214
+
215
+ debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic
216
+
217
+ debug3: preferred publickey,keyboard-interactive,password
218
+
219
+ debug3: authmethod_lookup publickey
220
+
221
+ debug3: remaining preferred: keyboard-interactive,password
222
+
223
+ debug3: authmethod_is_enabled publickey
224
+
225
+ debug1: Next authentication method: publickey
226
+
227
+ debug1: Offering public key: /Users/aoyamaryuta/.ssh/id_rsa RSA SHA256:ZNYMIGyMpLlMRMlZMxgQO4TZ3m3Bi0VnxiwfdzcX6ys
228
+
229
+ debug3: send packet: type 50
230
+
231
+ debug2: we sent a publickey packet, wait for reply
232
+
233
+ debug3: receive packet: type 51
234
+
235
+ debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
236
+
237
+ debug1: Trying private key: /Users/aoyamaryuta/.ssh/id_dsa
238
+
239
+ debug3: no such identity: /Users/aoyamaryuta/.ssh/id_dsa: No such file or directory
240
+
241
+ debug1: Trying private key: /Users/aoyamaryuta/.ssh/id_ecdsa
242
+
243
+ debug3: no such identity: /Users/aoyamaryuta/.ssh/id_ecdsa: No such file or directory
244
+
245
+ debug1: Trying private key: /Users/aoyamaryuta/.ssh/id_ed25519
246
+
247
+ debug3: no such identity: /Users/aoyamaryuta/.ssh/id_ed25519: No such file or directory
248
+
249
+ debug1: Trying private key: /Users/aoyamaryuta/.ssh/id_xmss
250
+
251
+ debug3: no such identity: /Users/aoyamaryuta/.ssh/id_xmss: No such file or directory
252
+
253
+ debug2: we did not send a packet, disable method
254
+
255
+ debug1: No more authentication methods to try.
256
+
257
+ aoyamaryuta@v150-95-210-159.oqw3.static.cnode.io: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
258
+
259
+ ```
260
+
261
+ ### 試したこと
262
+
263
+ - rootアカウントでのログインを禁止しています。
264
+
265
+ - パスワードでのログインを禁止しています。
266
+
267
+ ### 補足情報(FW/ツールのバージョンなど)
268
+
269
+ ここにより詳細な情報を記載してください。

2

閉鎖しました

2020/03/03 10:32

投稿

退会済みユーザー
test CHANGED
@@ -1 +1 @@
1
- ssh ログインに失敗する
1
+ テストテストテストテスト
test CHANGED
@@ -1,285 +1,3 @@
1
- ### 前提・したいこと
1
+ 推測ですが、user1 の鍵ファイルの所有者、パーミッションが不適切であるために妥当な鍵として認識されないと考えられます。 こういう場合、rootのターミナルを残した状態でuser1のログインを試す方が安全ですね。 解決策は、すみません、ログインしたい機を触れる状態以外思いつきませんでした
2
2
 
3
-
4
-
5
- ローカルからsshでログインに失敗してしまいます。
6
-
7
- rootでuser1を作成後に公開鍵認証を行おうとして、鍵のペアを作りsshdを更新後シェルを閉じ、公開鍵認証でuser1でログインしようとしたら上記のエラーが出ました。
8
-
9
-
10
-
11
- ### 発生している問題・エラーメッセージ
12
-
13
-
14
-
15
- ```
16
-
17
- # ssh user1@v150-95-210-159.oqw3.static.cnode.io
18
-
19
- Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
20
-
21
- ```
22
-
23
- ```ここに言語を入力
24
-
25
- #ssh -vvv v150-95-210-159.oqw3.static.cnode.io
26
-
27
- OpenSSH_7.9p1, LibreSSL 2.7.3
28
-
29
- debug1: Reading configuration data /etc/ssh/ssh_config
30
-
31
- debug1: /etc/ssh/ssh_config line 48: Applying options for *
32
-
33
- debug2: resolving "v150-95-210-159.oqw3.static.cnode.io" port 22
34
-
35
- debug2: ssh_connect_direct
36
-
37
- debug1: Connecting to v150-95-210-159.oqw3.static.cnode.io [150.95.210.159] port 22.
38
-
39
- debug1: Connection established.
40
-
41
- debug1: identity file /Users/aoyamaryuta/.ssh/id_rsa type 0
42
-
43
- debug1: identity file /Users/aoyamaryuta/.ssh/id_rsa-cert type -1
44
-
45
- debug1: identity file /Users/aoyamaryuta/.ssh/id_dsa type -1
46
-
47
- debug1: identity file /Users/aoyamaryuta/.ssh/id_dsa-cert type -1
48
-
49
- debug1: identity file /Users/aoyamaryuta/.ssh/id_ecdsa type -1
50
-
51
- debug1: identity file /Users/aoyamaryuta/.ssh/id_ecdsa-cert type -1
52
-
53
- debug1: identity file /Users/aoyamaryuta/.ssh/id_ed25519 type -1
54
-
55
- debug1: identity file /Users/aoyamaryuta/.ssh/id_ed25519-cert type -1
56
-
57
- debug1: identity file /Users/aoyamaryuta/.ssh/id_xmss type -1
58
-
59
- debug1: identity file /Users/aoyamaryuta/.ssh/id_xmss-cert type -1
60
-
61
- debug1: Local version string SSH-2.0-OpenSSH_7.9
62
-
63
- debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
64
-
65
- debug1: match: OpenSSH_7.4 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002
66
-
67
- debug2: fd 5 setting O_NONBLOCK
68
-
69
- debug1: Authenticating to v150-95-210-159.oqw3.static.cnode.io:22 as 'aoyamaryuta'
70
-
71
- debug3: hostkeys_foreach: reading file "/Users/aoyamaryuta/.ssh/known_hosts"
72
-
73
- debug3: record_hostkey: found key type ECDSA in file /Users/aoyamaryuta/.ssh/known_hosts:3
74
-
75
- debug3: load_hostkeys: loaded 1 keys from v150-95-210-159.oqw3.static.cnode.io
76
-
77
- debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
78
-
79
- debug3: send packet: type 20
80
-
81
- debug1: SSH2_MSG_KEXINIT sent
82
-
83
- debug3: receive packet: type 20
84
-
85
- debug1: SSH2_MSG_KEXINIT received
86
-
87
- debug2: local client KEXINIT proposal
88
-
89
- debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
90
-
91
- debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
92
-
93
- debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
94
-
95
- debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
96
-
97
- debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
98
-
99
- debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
100
-
101
- debug2: compression ctos: none,zlib@openssh.com,zlib
102
-
103
- debug2: compression stoc: none,zlib@openssh.com,zlib
104
-
105
- debug2: languages ctos:
106
-
107
- debug2: languages stoc:
108
-
109
- debug2: first_kex_follows 0
110
-
111
- debug2: reserved 0
112
-
113
- debug2: peer server KEXINIT proposal
114
-
115
- debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
116
-
117
- debug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
118
-
119
- debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc
120
-
121
- debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc
122
-
123
- debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
124
-
125
- debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
126
-
127
- debug2: compression ctos: none,zlib@openssh.com
128
-
129
- debug2: compression stoc: none,zlib@openssh.com
130
-
131
- debug2: languages ctos:
132
-
133
- debug2: languages stoc:
134
-
135
- debug2: first_kex_follows 0
136
-
137
- debug2: reserved 0
138
-
139
- debug1: kex: algorithm: curve25519-sha256
140
-
141
- debug1: kex: host key algorithm: ecdsa-sha2-nistp256
142
-
143
- debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
144
-
145
- debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
146
-
147
- debug3: send packet: type 30
148
-
149
- debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
150
-
151
- debug3: receive packet: type 31
152
-
153
- debug1: Server host key: ecdsa-sha2-nistp256 SHA256:cTwGlPQehbkQ5LF07+MdMabVAYmqpLkfr6opUUMp2sM
154
-
155
- debug3: hostkeys_foreach: reading file "/Users/aoyamaryuta/.ssh/known_hosts"
156
-
157
- debug3: record_hostkey: found key type ECDSA in file /Users/aoyamaryuta/.ssh/known_hosts:3
158
-
159
- debug3: load_hostkeys: loaded 1 keys from v150-95-210-159.oqw3.static.cnode.io
160
-
161
- debug3: hostkeys_foreach: reading file "/Users/aoyamaryuta/.ssh/known_hosts"
162
-
163
- debug3: record_hostkey: found key type ECDSA in file /Users/aoyamaryuta/.ssh/known_hosts:4
164
-
165
- debug3: load_hostkeys: loaded 1 keys from 150.95.210.159
166
-
167
- debug1: Host 'v150-95-210-159.oqw3.static.cnode.io' is known and matches the ECDSA host key.
168
-
169
- debug1: Found key in /Users/aoyamaryuta/.ssh/known_hosts:3
170
-
171
- debug3: send packet: type 21
172
-
173
- debug2: set_newkeys: mode 1
174
-
175
- debug1: rekey after 134217728 blocks
176
-
177
- debug1: SSH2_MSG_NEWKEYS sent
178
-
179
- debug1: expecting SSH2_MSG_NEWKEYS
180
-
181
- debug3: receive packet: type 21
182
-
183
- debug1: SSH2_MSG_NEWKEYS received
184
-
185
- debug2: set_newkeys: mode 0
186
-
187
- debug1: rekey after 134217728 blocks
188
-
189
- debug1: Will attempt key: /Users/aoyamaryuta/.ssh/id_rsa RSA SHA256:ZNYMIGyMpLlMRMlZMxgQO4TZ3m3Bi0VnxiwfdzcX6ys
190
-
191
- debug1: Will attempt key: /Users/aoyamaryuta/.ssh/id_dsa
192
-
193
- debug1: Will attempt key: /Users/aoyamaryuta/.ssh/id_ecdsa
194
-
195
- debug1: Will attempt key: /Users/aoyamaryuta/.ssh/id_ed25519
196
-
197
- debug1: Will attempt key: /Users/aoyamaryuta/.ssh/id_xmss
198
-
199
- debug2: pubkey_prepare: done
200
-
201
- debug3: send packet: type 5
202
-
203
- debug3: receive packet: type 7
204
-
205
- debug1: SSH2_MSG_EXT_INFO received
206
-
207
- debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
208
-
209
- debug3: receive packet: type 6
210
-
211
- debug2: service_accept: ssh-userauth
212
-
213
- debug1: SSH2_MSG_SERVICE_ACCEPT received
214
-
215
- debug3: send packet: type 50
216
-
217
- debug3: receive packet: type 51
218
-
219
- debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
220
-
221
- debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic
222
-
223
- debug3: preferred publickey,keyboard-interactive,password
224
-
225
- debug3: authmethod_lookup publickey
226
-
227
- debug3: remaining preferred: keyboard-interactive,password
228
-
229
- debug3: authmethod_is_enabled publickey
230
-
231
- debug1: Next authentication method: publickey
232
-
233
- debug1: Offering public key: /Users/aoyamaryuta/.ssh/id_rsa RSA SHA256:ZNYMIGyMpLlMRMlZMxgQO4TZ3m3Bi0VnxiwfdzcX6ys
234
-
235
- debug3: send packet: type 50
236
-
237
- debug2: we sent a publickey packet, wait for reply
238
-
239
- debug3: receive packet: type 51
240
-
241
- debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
242
-
243
- debug1: Trying private key: /Users/aoyamaryuta/.ssh/id_dsa
244
-
245
- debug3: no such identity: /Users/aoyamaryuta/.ssh/id_dsa: No such file or directory
246
-
247
- debug1: Trying private key: /Users/aoyamaryuta/.ssh/id_ecdsa
248
-
249
- debug3: no such identity: /Users/aoyamaryuta/.ssh/id_ecdsa: No such file or directory
250
-
251
- debug1: Trying private key: /Users/aoyamaryuta/.ssh/id_ed25519
252
-
253
- debug3: no such identity: /Users/aoyamaryuta/.ssh/id_ed25519: No such file or directory
254
-
255
- debug1: Trying private key: /Users/aoyamaryuta/.ssh/id_xmss
256
-
257
- debug3: no such identity: /Users/aoyamaryuta/.ssh/id_xmss: No such file or directory
258
-
259
- debug2: we did not send a packet, disable method
260
-
261
- debug1: No more authentication methods to try.
262
-
263
- aoyamaryuta@v150-95-210-159.oqw3.static.cnode.io: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
264
-
265
- ```
266
-
267
-
268
-
269
- ### 試したこと
270
-
271
-
272
-
273
- - rootアカウントでのログインを禁止しています。
274
-
275
- - パスワードでのログインを禁止しています。
276
-
277
-
278
-
279
-
280
-
281
- ### 補足情報(FW/ツールのバージョンなど)
282
-
283
-
284
-
285
- ここにより詳細な情報を記載してください。
3
+ 鍵のペアを作り、それらをどこに配置したのかを明記されるとよろしいかと思います。user1で行ったのですよね?。-iオプションを指定して、明示的に作成した鍵を指定するとどうなりますか? また、known_hostsファイルを一度削除してから試されると良いです。

1

debug情報を追加

2020/03/03 07:17

投稿

退会済みユーザー
test CHANGED
File without changes
test CHANGED
@@ -4,6 +4,8 @@
4
4
 
5
5
  ローカルからsshでログインに失敗してしまいます。
6
6
 
7
+ rootでuser1を作成後に公開鍵認証を行おうとして、鍵のペアを作りsshdを更新後シェルを閉じ、公開鍵認証でuser1でログインしようとしたら上記のエラーが出ました。
8
+
7
9
 
8
10
 
9
11
  ### 発生している問題・エラーメッセージ
@@ -12,25 +14,253 @@
12
14
 
13
15
  ```
14
16
 
17
+ # ssh user1@v150-95-210-159.oqw3.static.cnode.io
18
+
15
19
  Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
16
20
 
17
-
18
-
19
-
20
-
21
21
  ```
22
22
 
23
-
24
-
25
- ### 該当のソースコード
26
-
27
-
28
-
29
- ```ここに言語名を入力
30
-
31
- # ssh user1@host
32
-
33
-
23
+ ```ここに言語を入力
24
+
25
+ #ssh -vvv v150-95-210-159.oqw3.static.cnode.io
26
+
27
+ OpenSSH_7.9p1, LibreSSL 2.7.3
28
+
29
+ debug1: Reading configuration data /etc/ssh/ssh_config
30
+
31
+ debug1: /etc/ssh/ssh_config line 48: Applying options for *
32
+
33
+ debug2: resolving "v150-95-210-159.oqw3.static.cnode.io" port 22
34
+
35
+ debug2: ssh_connect_direct
36
+
37
+ debug1: Connecting to v150-95-210-159.oqw3.static.cnode.io [150.95.210.159] port 22.
38
+
39
+ debug1: Connection established.
40
+
41
+ debug1: identity file /Users/aoyamaryuta/.ssh/id_rsa type 0
42
+
43
+ debug1: identity file /Users/aoyamaryuta/.ssh/id_rsa-cert type -1
44
+
45
+ debug1: identity file /Users/aoyamaryuta/.ssh/id_dsa type -1
46
+
47
+ debug1: identity file /Users/aoyamaryuta/.ssh/id_dsa-cert type -1
48
+
49
+ debug1: identity file /Users/aoyamaryuta/.ssh/id_ecdsa type -1
50
+
51
+ debug1: identity file /Users/aoyamaryuta/.ssh/id_ecdsa-cert type -1
52
+
53
+ debug1: identity file /Users/aoyamaryuta/.ssh/id_ed25519 type -1
54
+
55
+ debug1: identity file /Users/aoyamaryuta/.ssh/id_ed25519-cert type -1
56
+
57
+ debug1: identity file /Users/aoyamaryuta/.ssh/id_xmss type -1
58
+
59
+ debug1: identity file /Users/aoyamaryuta/.ssh/id_xmss-cert type -1
60
+
61
+ debug1: Local version string SSH-2.0-OpenSSH_7.9
62
+
63
+ debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
64
+
65
+ debug1: match: OpenSSH_7.4 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002
66
+
67
+ debug2: fd 5 setting O_NONBLOCK
68
+
69
+ debug1: Authenticating to v150-95-210-159.oqw3.static.cnode.io:22 as 'aoyamaryuta'
70
+
71
+ debug3: hostkeys_foreach: reading file "/Users/aoyamaryuta/.ssh/known_hosts"
72
+
73
+ debug3: record_hostkey: found key type ECDSA in file /Users/aoyamaryuta/.ssh/known_hosts:3
74
+
75
+ debug3: load_hostkeys: loaded 1 keys from v150-95-210-159.oqw3.static.cnode.io
76
+
77
+ debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
78
+
79
+ debug3: send packet: type 20
80
+
81
+ debug1: SSH2_MSG_KEXINIT sent
82
+
83
+ debug3: receive packet: type 20
84
+
85
+ debug1: SSH2_MSG_KEXINIT received
86
+
87
+ debug2: local client KEXINIT proposal
88
+
89
+ debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
90
+
91
+ debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
92
+
93
+ debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
94
+
95
+ debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
96
+
97
+ debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
98
+
99
+ debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
100
+
101
+ debug2: compression ctos: none,zlib@openssh.com,zlib
102
+
103
+ debug2: compression stoc: none,zlib@openssh.com,zlib
104
+
105
+ debug2: languages ctos:
106
+
107
+ debug2: languages stoc:
108
+
109
+ debug2: first_kex_follows 0
110
+
111
+ debug2: reserved 0
112
+
113
+ debug2: peer server KEXINIT proposal
114
+
115
+ debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
116
+
117
+ debug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
118
+
119
+ debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc
120
+
121
+ debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc
122
+
123
+ debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
124
+
125
+ debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
126
+
127
+ debug2: compression ctos: none,zlib@openssh.com
128
+
129
+ debug2: compression stoc: none,zlib@openssh.com
130
+
131
+ debug2: languages ctos:
132
+
133
+ debug2: languages stoc:
134
+
135
+ debug2: first_kex_follows 0
136
+
137
+ debug2: reserved 0
138
+
139
+ debug1: kex: algorithm: curve25519-sha256
140
+
141
+ debug1: kex: host key algorithm: ecdsa-sha2-nistp256
142
+
143
+ debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
144
+
145
+ debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
146
+
147
+ debug3: send packet: type 30
148
+
149
+ debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
150
+
151
+ debug3: receive packet: type 31
152
+
153
+ debug1: Server host key: ecdsa-sha2-nistp256 SHA256:cTwGlPQehbkQ5LF07+MdMabVAYmqpLkfr6opUUMp2sM
154
+
155
+ debug3: hostkeys_foreach: reading file "/Users/aoyamaryuta/.ssh/known_hosts"
156
+
157
+ debug3: record_hostkey: found key type ECDSA in file /Users/aoyamaryuta/.ssh/known_hosts:3
158
+
159
+ debug3: load_hostkeys: loaded 1 keys from v150-95-210-159.oqw3.static.cnode.io
160
+
161
+ debug3: hostkeys_foreach: reading file "/Users/aoyamaryuta/.ssh/known_hosts"
162
+
163
+ debug3: record_hostkey: found key type ECDSA in file /Users/aoyamaryuta/.ssh/known_hosts:4
164
+
165
+ debug3: load_hostkeys: loaded 1 keys from 150.95.210.159
166
+
167
+ debug1: Host 'v150-95-210-159.oqw3.static.cnode.io' is known and matches the ECDSA host key.
168
+
169
+ debug1: Found key in /Users/aoyamaryuta/.ssh/known_hosts:3
170
+
171
+ debug3: send packet: type 21
172
+
173
+ debug2: set_newkeys: mode 1
174
+
175
+ debug1: rekey after 134217728 blocks
176
+
177
+ debug1: SSH2_MSG_NEWKEYS sent
178
+
179
+ debug1: expecting SSH2_MSG_NEWKEYS
180
+
181
+ debug3: receive packet: type 21
182
+
183
+ debug1: SSH2_MSG_NEWKEYS received
184
+
185
+ debug2: set_newkeys: mode 0
186
+
187
+ debug1: rekey after 134217728 blocks
188
+
189
+ debug1: Will attempt key: /Users/aoyamaryuta/.ssh/id_rsa RSA SHA256:ZNYMIGyMpLlMRMlZMxgQO4TZ3m3Bi0VnxiwfdzcX6ys
190
+
191
+ debug1: Will attempt key: /Users/aoyamaryuta/.ssh/id_dsa
192
+
193
+ debug1: Will attempt key: /Users/aoyamaryuta/.ssh/id_ecdsa
194
+
195
+ debug1: Will attempt key: /Users/aoyamaryuta/.ssh/id_ed25519
196
+
197
+ debug1: Will attempt key: /Users/aoyamaryuta/.ssh/id_xmss
198
+
199
+ debug2: pubkey_prepare: done
200
+
201
+ debug3: send packet: type 5
202
+
203
+ debug3: receive packet: type 7
204
+
205
+ debug1: SSH2_MSG_EXT_INFO received
206
+
207
+ debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
208
+
209
+ debug3: receive packet: type 6
210
+
211
+ debug2: service_accept: ssh-userauth
212
+
213
+ debug1: SSH2_MSG_SERVICE_ACCEPT received
214
+
215
+ debug3: send packet: type 50
216
+
217
+ debug3: receive packet: type 51
218
+
219
+ debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
220
+
221
+ debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic
222
+
223
+ debug3: preferred publickey,keyboard-interactive,password
224
+
225
+ debug3: authmethod_lookup publickey
226
+
227
+ debug3: remaining preferred: keyboard-interactive,password
228
+
229
+ debug3: authmethod_is_enabled publickey
230
+
231
+ debug1: Next authentication method: publickey
232
+
233
+ debug1: Offering public key: /Users/aoyamaryuta/.ssh/id_rsa RSA SHA256:ZNYMIGyMpLlMRMlZMxgQO4TZ3m3Bi0VnxiwfdzcX6ys
234
+
235
+ debug3: send packet: type 50
236
+
237
+ debug2: we sent a publickey packet, wait for reply
238
+
239
+ debug3: receive packet: type 51
240
+
241
+ debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
242
+
243
+ debug1: Trying private key: /Users/aoyamaryuta/.ssh/id_dsa
244
+
245
+ debug3: no such identity: /Users/aoyamaryuta/.ssh/id_dsa: No such file or directory
246
+
247
+ debug1: Trying private key: /Users/aoyamaryuta/.ssh/id_ecdsa
248
+
249
+ debug3: no such identity: /Users/aoyamaryuta/.ssh/id_ecdsa: No such file or directory
250
+
251
+ debug1: Trying private key: /Users/aoyamaryuta/.ssh/id_ed25519
252
+
253
+ debug3: no such identity: /Users/aoyamaryuta/.ssh/id_ed25519: No such file or directory
254
+
255
+ debug1: Trying private key: /Users/aoyamaryuta/.ssh/id_xmss
256
+
257
+ debug3: no such identity: /Users/aoyamaryuta/.ssh/id_xmss: No such file or directory
258
+
259
+ debug2: we did not send a packet, disable method
260
+
261
+ debug1: No more authentication methods to try.
262
+
263
+ aoyamaryuta@v150-95-210-159.oqw3.static.cnode.io: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
34
264
 
35
265
  ```
36
266
 
@@ -38,7 +268,7 @@
38
268
 
39
269
  ### 試したこと
40
270
 
41
- rootでuser1を作成後に公開鍵認証を行おうとして、鍵のペアを作りsshdを更新後シェルを閉じ、公開鍵認証でuser1でログインしようとしたら上記のエラーが出ました。
271
+
42
272
 
43
273
  - rootアカウントでのログインを禁止しています。
44
274