【发布时间】:2014-12-27 03:03:51
【问题描述】:
我在 CentOS 服务器上安装了 GitLab。我刚刚做了一个“yum 更新”,其中包括将 openssh、openssh-askpass、openssh-client 和 openssh-server 更新到 5.3p1 版本。现在我的用户都不能通过 git 访问他们的代码。我尝试了调试会话“ssh -vT git@[my server]”,出现以下输出:
$ ssh -vT git@[myserver]
OpenSSH_4.6p1, OpenSSL 0.9.8e 23 Feb 2007
debug1: Connecting to 172.16.2.156 [172.16.2.156] port 22.
debug1: Connection established.
debug1: identity file /c/Users/anne.racel/.ssh/identity type -1
debug1: identity file /c/Users/anne.racel/.ssh/id_rsa type 1
debug1: identity file /c/Users/anne.racel/.ssh/id_dsa type 2
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.6
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '172.16.2.156' is known and matches the RSA host key.
debug1: Found key in /c/Users/anne.racel/.ssh/known_hosts:8
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Trying private key: /c/Users/anne.racel/.ssh/identity
debug1: Offering public key: /c/Users/anne.racel/.ssh/id_rsa
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Offering public key: /c/Users/anne.racel/.ssh/id_dsa
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: password
git@172.16.2.156's password:
/var/log/secure 文件前几次显示如下:
Oct 30 15:54:55 SRV-GITLAB-001 sshd[13526]: Invalid user Anne.Racel from 192.168.253.77
Oct 30 15:54:55 SRV-GITLAB-001 sshd[13528]: input_userauth_request: invalid user Anne.Racel
但后来我开始没有任何输出。
按照我在网上找到的说明,我尝试修改 sshd_config 文件以包含以下内容(注意:文件上的时间戳显示它在更新期间没有更改):
### changing this, hoping to solve our RSA keys problem ###
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile /var/opt/gitlab/.ssh/authorized_keys
#AuthorizedKeysCommand none
#AuthorizedKeysCommandRunAs nobody
我尝试在 Gitlab 中删除旧密钥并添加新密钥(RSA 和 DSA)。我确认密钥确实出现在 /gitlab/.ssh/known_hosts 文件中。我试过重置 pam_tally2,以防万一。我检查了 .ssh 目录和包含文件的权限。似乎没有什么不同。
我可以通过 ssh 进入服务器,所以密码是有效的。似乎只是使用密钥连接不起作用。
【问题讨论】:
-
如果你使用
-vvv,你还能从 ssh 获得更多吗?这些错误行看起来像是在抱怨用户名而不是密钥。 -
这是我尝试提高详细程度(相关部分)时的响应:'debug1:提供公钥:/c/Users/anne.racel/.ssh/id_rsa debug3:send_pubkey_test debug2:我们发送一个公钥数据包,等待回复调试1:可以继续的身份验证:公钥,gssapi-keyex,gssapi-with-mi c,密码调试1:提供公钥:/c/Users/anne.racel/.ssh/id_dsa调试3:send_pubkey_test debug2:我们发送了一个公钥包,等待回复'
标签: git ssh centos gitlab openssh