我有Jenkins在我的本地计算机上运行,试图找出服务器上的远程ssh问题。我收到此拒绝权限错误,该错误指示密钥存在问题,但是从外壳上的同一用户帐户,我肯定可以连接。
Started by user anonymous Building in workspace /Users/jgoodwin/jenkins/workspace/app [postprocessor] $ /bin/sh -xe /var/folders/b0/h_wtmzss6cx11p6153y9h2cr0000gn/T/hudson4163212101874527747.sh + echo /Users/jgoodwin /Users/jgoodwin + whoami jgoodwin + ssh -i /Users/jgoodwin/.ssh/id_rsa remoteuser@server 'echo success' Permission denied (publickey,gssapi-keyex,gssapi-with-mic). Build step 'Execute shell' marked build as failure Finished: FAILURE
这是直接在shell上运行的:
Jasons-MacBook-Air:~ jgoodwin$ echo $HOME /Users/jgoodwin Jasons-MacBook-Air:~ jgoodwin$ whoami jgoodwin Jasons-MacBook-Air:~ jgoodwin$ ssh -i /Users/jgoodwin/.ssh/id_rsa remoteuser@server 'echo success' success
我很沮丧-过去我曾在hudson上做过很多工作,而且我认为在进行此类工作时没有任何问题。该错误表明按键有问题,但是显然可以。
编辑:
根据请求的详细日志
OpenSSH_5.9p1, OpenSSL 0.9.8x 10 May 2012 debug1: Reading configuration data /etc/ssh_config debug1: /etc/ssh_config line 20: Applying options for * debug1: /etc/ssh_config line 53: Applying options for * debug1: Connecting to hostname [ip] port 22. debug1: Connection established. debug1: identity file /Users/jgoodwin/.ssh/id_rsa type 1 debug1: identity file /Users/jgoodwin/.ssh/id_rsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3 debug1: match: OpenSSH_5.3 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.9 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Server host key: RSA ed:d4:92:3f:33:bd:dd:b9:eb:d1:b2:19:4c:f1:70:e9 debug1: Host 'hostname' is known and matches the RSA host key. debug1: Found key in /Users/jgoodwin/.ssh/known_hosts:6 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic debug1: Next authentication method: publickey debug1: Offering RSA public key: /Users/jgoodwin/.ssh/id_rsa debug1: Server accepts key: pkalg ssh-rsa blen 279 debug1: key_parse_private_pem: PEM_read_PrivateKey failed debug1: read PEM private key done: type <unknown> debug1: read_passphrase: can't open /dev/tty: Device not configured debug1: No more authentication methods to try. Permission denied (publickey,gssapi-keyex,gssapi-with-mic). Build step 'Execute shell' marked build as failure
编辑:成功尝试添加8/15
OpenSSH_5.9p1, OpenSSL 0.9.8x 10 May 2012 debug1: Reading configuration data /etc/ssh_config debug1: /etc/ssh_config line 20: Applying options for * debug1: /etc/ssh_config line 53: Applying options for * debug1: Connecting to hostname [ip] port 22. debug1: Connection established. debug1: identity file /Users/jgoodwin/.ssh/id_rsa type 1 debug1: identity file /Users/jgoodwin/.ssh/id_rsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3 debug1: match: OpenSSH_5.3 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.9 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Server host key: RSA 40:bf:b5:74:1c:5f:b6:93:00:4b:ca:1d:fc:0f:39:ec debug1: Host 'hostname' is known and matches the RSA host key. debug1: Found key in /Users/jgoodwin/.ssh/known_hosts:3 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic debug1: Next authentication method: publickey debug1: Offering RSA public key: /Users/jgoodwin/.ssh/id_rsa debug1: Server accepts key: pkalg ssh-rsa blen 279 debug1: Authentication succeeded (publickey). Authenticated to hostname ([54.226.250.218]:22). debug1: channel 0: new [client-session] debug1: Requesting no-more-sessions@openssh.com debug1: Entering interactive session. debug1: Sending environment. debug1: Sending env LANG = en_CA.UTF-8 Last login: Thu Aug 15 13:09:32 2013 from 66.199.39.230
多种原因可能导致此行为,例如使用代理/钥匙串管理器进行密钥缓存等。
我建议使用-v参数比较2个输出:
ssh -v -i /Users/jgoodwin/.ssh/id_rsa remoteuser@server
这将使您以更详细的方式比较正在发生的事情。如果仍然无法解决,请发布详细输出进行比较。
注意:您最多可以添加3个-v参数以提高详细程度。
更新时间 :
@JasonG从我看到的失败的详细信息是:
debug1:提供RSA公钥:/Users/jgoodwin/.ssh/id_rsa debug1:服务器接受密钥:pkalg ssh-rsa blen 279 debug1:key_parse_private_pem:PEM_read_PrivateKey调试失败:已读取PEM私钥已完成:键入debug1:read_passphrase:无法打开/ dev / tty:未配置设备
您的密钥似乎有一个密码短语,由于我们不在交互式外壳中,因此无法输入该密码短语。标准外壳程序的命令行可能会受益于Keycahin,它会为您“键入密码短语”。
如果您可以为成功的命令生成相同的详细程度,以便我们进行比较…