从 Windows 到 GitLab 的 SSH 权限被拒绝(公钥)

【问题标题】:SSH permission denied from Windows to GitLab (public key)从 Windows 到 GitLab 的 SSH 权限被拒绝(公钥)
【发布时间】:2022-02-26 23:54:26
【问题描述】:

我正在尝试使用 ssh 从 Microsoft Windows 连接到 GitLab,但响应此命令 ssh -Tvvv git@gitlab.markitasdone.com 我收到以下错误:

OpenSSH_for_Windows_8.1p1, LibreSSL 3.0.2
debug3: Failed to open file:C:/Users/Saeed/.ssh/config error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_config error:2
debug2: resolving "gitlab.markitasdone.com" port 22
debug2: ssh_connect_direct
debug1: Connecting to gitlab.markitasdone.com [142.93.9.7] port 22.
debug1: Connection established.
debug3: Failed to open file:C:/Users/Saeed/.ssh/id_rsa error:2
debug3: Failed to open file:C:/Users/Saeed/.ssh/id_rsa.pub error:2
debug1: identity file C:\\Users\\Saeed/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.2p1 Ubuntu-4ubuntu0.2
debug1: match: OpenSSH_8.2p1 Ubuntu-4ubuntu0.2 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to gitlab.markitasdone.com:22 as 'git'
debug3: hostkeys_foreach: reading file "C:\\Users\\Saeed/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file C:\\Users\\Saeed/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from gitlab.markitasdone.com
debug3: Failed to open file:C:/Users/Saeed/.ssh/known_hosts2 error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts2 error:2
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: reserved 0
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31

debug3: hostkeys_foreach: reading file "C:\\Users\\Saeed/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file C:\\Users\\Saeed/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from gitlab.markitasdone.com
debug3: Failed to open file:C:/Users/Saeed/.ssh/known_hosts2 error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts2 error:2
debug3: hostkeys_foreach: reading file "C:\\Users\\Saeed/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file C:\\Users\\Saeed/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from 142.93.9.7
debug3: Failed to open file:C:/Users/Saeed/.ssh/known_hosts2 error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts2 error:2
debug1: Host 'gitlab.markitasdone.com' is known and matches the ECDSA host key.
debug1: Found key in C:\\Users\\Saeed/.ssh/known_hosts:1
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug3: unable to connect to pipe \\\\.\\pipe\\openssh-ssh-agent, error: 2
debug1: pubkey_prepare: ssh_get_authentication_socket: No such file or directory
debug1: Will attempt key: C:\\Users\\Saeed/.ssh/id_rsa
debug1: Will attempt key: C:\\Users\\Saeed/.ssh/id_dsa
debug1: Will attempt key: C:\\Users\\Saeed/.ssh/id_ecdsa
debug1: Will attempt key: C:\\Users\\Saeed/.ssh/id_ed25519 ED25519 SHA256:oG6rH82EthXFIeexWntA7mmsYb+h/d5lMGXc+2REW0k
debug1: Will attempt key: C:\\Users\\Saeed/.ssh/id_xmss
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: C:\\Users\\Saeed/.ssh/id_rsa
debug3: no such identity: C:\\Users\\Saeed/.ssh/id_rsa: No such file or directory
debug1: Trying private key: C:\\Users\\Saeed/.ssh/id_dsa
debug3: no such identity: C:\\Users\\Saeed/.ssh/id_dsa: No such file or directory
debug1: Trying private key: C:\\Users\\Saeed/.ssh/id_ecdsa
debug3: no such identity: C:\\Users\\Saeed/.ssh/id_ecdsa: No such file or directory
debug1: Offering public key: C:\\Users\\Saeed/.ssh/id_ed25519 ED25519 SHA256:oG6rH82EthXFIeexWntA7mmsYb+h/d5lMGXc+2REW0k
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug1: Trying private key: C:\\Users\\Saeed/.ssh/id_xmss
debug3: no such identity: C:\\Users\\Saeed/.ssh/id_xmss: No such file or directory
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
git@gitlab.markitasdone.com: Permission denied (publickey).

值得注意的是,一个月前我能够毫无问题地连接到 GitLab。今天遇到上面的错误,我决定把ssh key去掉,在GitLab instructions之后生成另一个key。

从错误来看,它似乎在 ssh 文件夹中寻找配置文件。我检查了文件夹,但那里没有这样的文件。是否必须为 ssh 创建配置文件才能再次工作?如果有,这个文件应该有什么内容?

更新: .ssh目录内ls -l命令的输出为:

total 12
-rw------- 1 saeed saeed 399 Jan 16 18:30 id_ed25519
-rw-r--r-- 1 saeed saeed  91 Jan 16 18:30 id_ed25519.pub
-rw-r--r-- 1 saeed saeed 888 Jan 16 10:20 known_hosts

id 的输出是:

uid=1000(saeed) gid=1000(saeed) groups=1000(saeed),4(adm),20(dialout),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),44(video),46(plugdev),117(netdev)

【问题讨论】:

  • 我认为最好联系gitlab.markitasdone.com 与他们分享此错误。他们可以检查他们的服务器端日志,告诉您有关您的案例的更多信息。
  • 是的,我想我应该这样做。我已经测试了我能想到的一切。感谢您的帮助。

标签: git ssh


【解决方案1】:

欢迎加入 StackOverflow。

这是您的日志消息中有趣的部分:

debug3: Failed to open file:C:/Users/Saeed/.ssh/id_rsa error:2
debug3: Failed to open file:C:/Users/Saeed/.ssh/id_rsa.pub error:2

由于某些原因(由您决定原因),无法访问该路径。尝试打开您的文件管理器并转到该位置。

也许您尚未从该计算机或该用户帐户生成密钥,以便:

  1. 验证目录/Users/Saeed/.ssh是否存在
  2. 验证文件C:/Users/Saeed/.ssh/id_rsa是否存在

如果没有,请查看如何生成新的 SSH 密钥。

【讨论】:

  • 我最初创建了id_ed25519 键,它们在目录中。唉,我得到了上述错误。这一次,我创建了一个 RSA 密钥,但现在它要求 id_rsa-cert: debug3: Failed to open file:C:/Users/Saeed/.ssh/id_rsa-cert error:2 debug3: Failed to open file:C:/Users/Saeed/.ssh/id_rsa-cert.pub error:2
  • 您能否再次检查该路径名或其名称以查看它是否真的存在,或者您是否可以使用文本编辑器等打开这些文件?
  • 此目录中没有id_rsa_cert 文件,但现在目录中有id_ed25519id_rsa 键(以及它们的.pub 版本和known_hosts 文件)。我可以使用文本编辑器打开它们。其中有有效的内容。
  • 我有 WSL2 下的 ubuntu。我在那里创建了另一个密钥。试图验证连接,我仍然得到Permission denied (publickey)。调试输出日志有趣的几行:debug1: identity file /home/saeed/.ssh/id_ed25519 type 3debug3: record_hostkey: found key type ECDSA in file /home/saeed/.ssh/known_hosts:3debug1: Authentications that can continue: publickey debug1: Trying private key: /home/saeed/.ssh/id_ed25519_sk debug3: no such identity: /home/saeed/.ssh/id_ed25519_sk: No such file or directory
  • 再次显示“没有这样的文件或目录”。它是否存在 '/home/saeed/.ssh/id_ed25519_sk' ?可以用文本编辑器打开吗?您能否向我们展示它的权限:id 然后ls -l /home/saeed/.ssh/id_ed25519_sk?请把这个放在你的问题中。谢谢
猜你喜欢
  • 2019-03-08
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 2019-11-24
  • 2014-11-08
  • 2019-03-11
  • 1970-01-01
  • 1970-01-01
相关资源
最近更新 更多
热门标签
Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode