关于使用putty私钥连接linux出现失败的原因解决方案
2012-04-17 16:11
661 查看
楼主最近研究hadoop,遇到ssh私钥连接linux失败的问题,苦恼了很久,具体做法是通过puttygen.exe生成私钥和公钥文件,将公钥文件拷贝至ubuntu下hadoop用户下的.ssh文件夹下,然后用私钥文件连接,但总是出现“server refused our key“的报错,百撕不得骑姐,哦不,是百思不得其解,然后谷歌百度,找到如下文章,来源http://www.andremolnar.com/how_to_set_up_ssh_keys_with_putty_and_not_get_server_refused_our_key
文章内容
So you're trying to set up ssh keys on your windows box with putty and you keep getting "Server refused our key". Read on, I've got your solution... but first lets take a look at what you've done so far.
Chances are you have done some/none/all of the following:
opened up puttygen.exe
generated a key after wiggling your mouse
entered a strong passphrase
saved the public key to something like
saved the private key to something like
moved your public key up to the server
(maybe even) converted the format of the key from putty to openssh with something like
changed some permissions like
added your pubkey to the authorized_keys file with something like
changed some more permissions like
changed your putty settings under "connection > SSH > auth" to use
tried to connect and...
"Server refused our key"
Well - from what I have read that's supposed to work... but it didn't work for you did it?
Your problem has nothing to do with how well you followed these well documented procedures for getting ssh keys to work.
The solution to the problem is...
(brace yourself, its really simple) to try generating the keys on the server (unix, linix, bsd etc.) instead of the client (i.e. in windows).
Try the following:
ssh to your server using good old user name and password
do check permissions on your ~/.ssh folder and make sure to
if they are wrong
do check permissions on your ~/.ssh/authorized_keys file and make sure to
if they are wrong
generate the keys on the server with something like
(or rsa -
read the man pages if your don't know how to use ssh-keygen
accept the file names it wants to use
enter a strong passphrase
add the pub key to the authorized_keys file with something like
copy the private key (id_dsa) to your local windows machine (use winscp or sftp or some such tool)
NOW open puttygen.exe
under actions select "load" and load the id_dsa file
enter the passphrase you set when you generated the key on the server. Puttygen will now convert the key to something that putty will understand
save that file to something like
NOW change your putty settings under "connection > SSH > auth" to use
NOW try and connect
enter the passphrase when prompted
pat yourself on the back. You're connected to the server (I hope)
Now all you have to do is figure out a way to not have to always enter that passphrase. Well that will require setting up puttyagent. But, I'll let you figure that out for yourself.
I really hope this helped you out. I wasted too much of my life figuring this out this evening and I hope I saved you hours of aggravation.
Have comments? Want to say thanks? Leave a comment. Or if you feel really generous send me a buck or three ;-)
原来原因在于生成私钥文件的步骤是在windows下的,也就是说用puttygen这个工具生成公钥私钥,然后将公钥拷贝到linux下,再用私钥访问目前存在一些问题。解决方案就是反过来使用linux生成私钥公钥文件,然后将生成的私钥文件拷贝至window下,用puttygen.exe加载(load)它生成putty支持的私钥文件,再用该文件访问。楼主做了一次就成功了,故分享下经验。
步骤
文章内容
So you're trying to set up ssh keys on your windows box with putty and you keep getting "Server refused our key". Read on, I've got your solution... but first lets take a look at what you've done so far.
Chances are you have done some/none/all of the following:
opened up puttygen.exe
generated a key after wiggling your mouse
entered a strong passphrase
saved the public key to something like
pubkey
saved the private key to something like
privatekey.ppk
moved your public key up to the server
(maybe even) converted the format of the key from putty to openssh with something like
ssh-keygen -if pubkey > pubkey_openssh_format
changed some permissions like
chmod 700 .ssh
added your pubkey to the authorized_keys file with something like
cat pubkey >> .ssh/authorized_keys
changed some more permissions like
chmod 600 authorized_keys
changed your putty settings under "connection > SSH > auth" to use
privatekey.ppk
tried to connect and...
"Server refused our key"
Well - from what I have read that's supposed to work... but it didn't work for you did it?
Your problem has nothing to do with how well you followed these well documented procedures for getting ssh keys to work.
The solution to the problem is...
(brace yourself, its really simple) to try generating the keys on the server (unix, linix, bsd etc.) instead of the client (i.e. in windows).
Try the following:
ssh to your server using good old user name and password
do check permissions on your ~/.ssh folder and make sure to
chmod 700 .ssh
if they are wrong
do check permissions on your ~/.ssh/authorized_keys file and make sure to
chmod 600 authorized_keys
if they are wrong
generate the keys on the server with something like
ssh-keygen -t dsa
(or rsa -
read the man pages if your don't know how to use ssh-keygen
accept the file names it wants to use
enter a strong passphrase
add the pub key to the authorized_keys file with something like
cat id_dsa.pub >> .ssh/authorized_keys
copy the private key (id_dsa) to your local windows machine (use winscp or sftp or some such tool)
NOW open puttygen.exe
under actions select "load" and load the id_dsa file
enter the passphrase you set when you generated the key on the server. Puttygen will now convert the key to something that putty will understand
save that file to something like
pivatekey.ppk
NOW change your putty settings under "connection > SSH > auth" to use
privatekey.ppk
NOW try and connect
enter the passphrase when prompted
pat yourself on the back. You're connected to the server (I hope)
Now all you have to do is figure out a way to not have to always enter that passphrase. Well that will require setting up puttyagent. But, I'll let you figure that out for yourself.
I really hope this helped you out. I wasted too much of my life figuring this out this evening and I hope I saved you hours of aggravation.
Have comments? Want to say thanks? Leave a comment. Or if you feel really generous send me a buck or three ;-)
原来原因在于生成私钥文件的步骤是在windows下的,也就是说用puttygen这个工具生成公钥私钥,然后将公钥拷贝到linux下,再用私钥访问目前存在一些问题。解决方案就是反过来使用linux生成私钥公钥文件,然后将生成的私钥文件拷贝至window下,用puttygen.exe加载(load)它生成putty支持的私钥文件,再用该文件访问。楼主做了一次就成功了,故分享下经验。
步骤
1:使用linux密码登陆,然后键入命令ssh-keygen -t dsa生成公钥私钥文件,你会在用户目录下的.ssh隐藏文件夹下找到他们 2:修改公钥文件的名字cat id_dsa.pub >> .ssh/authorized_keys 3:将私钥文件id_dsa拷贝到你的windons下,打开puttygen,然后点击load,对话框中的文件类型选择所有,load 这个id_dsa文件后,save private key文件,以后用这个 生成的私钥就可以访问linux了
相关文章推荐
- sql2000服务器连接时出现用户 'sa' 登录失败。原因: 未与信任 SQL Server 连接相关联【解决方案】
- 关于Putty连接Linux出现Network error:Connection reset by peer LINUX问题解决
- 在windows下使用putty连接虚拟中的linux出现主机拒绝的问题(已解决)
- 在XP下使用putty连接虚拟机中的linux出现主机拒绝的问题解决办法
- 关于Jedis连接Linux上的redis出现 DENIED Redis is running in protected mode问题的解决方案
- 关于Jedis连接Linux上的redis出现 DENIED Redis is running in protected mode问题的解决方案
- winscp连接linux时提示连接失败OOPS:cannot change directory:/home/....什么的原因以及解决方案
- putty 连接linux失败---解决方案
- 关于“ORA-12545: 因目标主机或对象不存在,连接失败。”原因分析及解决方案
- 普通用户非root用户winscp连接linux时提示用户连接失败监测到超时的原因以及解决方案
- 关于Jedis连接Linux上的redis出现 DENIED Redis is running in protected mode问题的解决方案
- Xshell5连接虚拟机中的Linux(Centos)的方法以及失败原因
- 客户端连接LINUX很慢原因可能是使用DNS导致的
- 【Python】 关于Python 3.x中,使用print函数时出现的语法错误(SyntaxError: invalid syntax)的问题的原因
- 解决方案:用户 'sa'登录失败。原因: 未与信任SQL Server连接相关联。
- 关于数据库还原时出现的因为数据库正在使用,所以无法获得对数据库的独占访问权“的解决方案
- 使用LogParser时,的检索 COM 类工厂中 CLSID 为 {8CFEBA94-3FC2-45CA-B9A5-9EDACF704F66} 的组件时失败,原因是出现以下错误: 80070005
- putty远程连接Linux系统出现连接超时
- 在Windows上使用putty连接一台Linux主机
- linux环境下调试嵌入式设备时出现Aborted、segmentation fault、卡死的问题以及关于指针使用的一点想法