A chave pública deve ser criada na máquina convidada. Assim, a máquina convidada ssh-keygen
e cat id_rsa.pub >> authorized_keys
onde id_rsa.pub
é da máquina convidada e authorized_keys
está na máquina host.
Por que eu insisto em fazer uma pergunta
Eu fiz uma pesquisa rápida sobre esse problema e fiz algumas soluções que foram ditas. Nenhum funcionou.
O que eu fiz
Termux como host. Instalado apt install openssh
, criou publickey ssh-keygen
com a frase secreta vazia. Então continuei com cat id_rsa.pub >> authorized_keys
. Tentei ssh com ssh localhost -p 8022 -i id_rsa
na máquina host. Sem problemas. Mas com ssh IP -p 8022 -i id_rsa
na máquina de convidado, sem sorte. Eu recebo Permission denied (publickey,keyboard-interactive)
sshd -d
Da máquina host (sucesso)
$ sshd -d
debug1: sshd version OpenSSH_7.8, OpenSSL 1.1.1 11 Sep 2018
debug1: private host key #0: ssh-rsa SHA256:iFL8gWX/82tKCisCVLKZBNPOqjhCJkc7FsMnrpgnvLQ
debug1: private host key #1: ecdsa-sha2-nistp256 SHA256:e6xyxgJ4tsTWSgh/l8ugijsCnJNz10tc+CLtuLFiUvE
debug1: private host key #2: ssh-ed25519 SHA256:5+j3igYvX5HjpIMV9OikSdhN9JxDzxhHkDfkA7huHp8
debug1: rexec_argv[0]='/data/data/com.termux/files/usr/bin/sshd'
debug1: rexec_argv[1]='-d'
debug1: Bind to port 8022 on ::.
Server listening on :: port 8022.
debug1: Bind to port 8022 on 0.0.0.0.
Server listening on 0.0.0.0 port 8022.
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 7 out 7 newsock 7 pipe -1 sock 10
debug1: inetd sockets after dupping: 5, 5
Connection from 127.0.0.1 port 54583 on 127.0.0.1 port 8022
debug1: Client protocol version 2.0; client software version OpenSSH_7.8
debug1: match: OpenSSH_7.8 pat OpenSSH* compat 0x04000000
debug1: Local version string SSH-2.0-OpenSSH_7.8
debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_INIT
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: KEX done
debug1: userauth-request for user u0_a121 service ssh-connection method none
debug1: attempt 0 failures 0
Failed none for u0_a121 from 127.0.0.1 port 54583 ssh2
debug1: userauth-request for user u0_a121 service ssh-connection method publickey
debug1: attempt 1 failures 0
debug1: userauth_pubkey: test pkalg rsa-sha2-512 pkblob RSA SHA256:R9btL/xmY/LOZrXIoPjARJxTpAkWUyR4QB5bAIVlEh0
debug1: temporarily_use_uid: 10121/10121 (e=10121/10121)
debug1: trying public key file /data/data/com.termux/files/home/.ssh/authorized_keys
debug1: fd 9 clearing O_NONBLOCK
debug1: /data/data/com.termux/files/home/.ssh/authorized_keys:2: matching key found: RSA SHA256:R9btL/xmY/LOZrXIoPjARJxTpAkWUyR4QB5bAIVlEh0
debug1: /data/data/com.termux/files/home/.ssh/authorized_keys:2: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
Accepted key RSA SHA256:R9btL/xmY/LOZrXIoPjARJxTpAkWUyR4QB5bAIVlEh0 found at /data/data/com.termux/files/home/.ssh/authorized_keys:2
debug1: restore_uid: (unprivileged)
Postponed publickey for u0_a121 from 127.0.0.1 port 54583 ssh2
debug1: userauth-request for user u0_a121 service ssh-connection method publickey
debug1: attempt 2 failures 0
debug1: temporarily_use_uid: 10121/10121 (e=10121/10121)
debug1: trying public key file /data/data/com.termux/files/home/.ssh/authorized_keys
debug1: fd 9 clearing O_NONBLOCK
debug1: /data/data/com.termux/files/home/.ssh/authorized_keys:2: matching key found: RSA SHA256:R9btL/xmY/LOZrXIoPjARJxTpAkWUyR4QB5bAIVlEh0
debug1: /data/data/com.termux/files/home/.ssh/authorized_keys:2: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
Accepted key RSA SHA256:R9btL/xmY/LOZrXIoPjARJxTpAkWUyR4QB5bAIVlEh0 found at /data/data/com.termux/files/home/.ssh/authorized_keys:2
debug1: restore_uid: (unprivileged)
debug1: auth_activate_options: setting new authentication options
Accepted publickey for u0_a121 from 127.0.0.1 port 54583 ssh2: RSA SHA256:R9btL/xmY/LOZrXIoPjARJxTpAkWUyR4QB5bAIVlEh0
debug1: active: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Entering interactive session for SSH2.
debug1: server_init_dispatch
debug1: server_input_channel_open: ctype session rchan 0 win 1048576 max 16384
debug1: input_session_request
debug1: channel 0: new [server-session]
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug1: server_input_global_request: rtype [email protected] want_reply 0
debug1: server_input_channel_req: channel 0 request pty-req reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req pty-req
debug1: Allocating pty.
debug1: session_pty_req: session 0 alloc /dev/pts/2
debug1: server_input_channel_req: channel 0 request env reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req env
debug1: server_input_channel_req: channel 0 request shell reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req shell
Starting session: shell on pts/2 for u0_a121 from 127.0.0.1 port 54583 id 0
debug1: Setting controlling tty using TIOCSCTTY.
Da máquina convidada (Permissão negada)
$ sshd -d
debug1: sshd version OpenSSH_7.8, OpenSSL 1.1.1 11 Sep 2018
debug1: private host key #0: ssh-rsa SHA256:iFL8gWX/82tKCisCVLKZBNPOqjhCJkc7FsMnrpgnvLQ
debug1: private host key #1: ecdsa-sha2-nistp256 SHA256:e6xyxgJ4tsTWSgh/l8ugijsCnJNz10tc+CLtuLFiUvE
debug1: private host key #2: ssh-ed25519 SHA256:5+j3igYvX5HjpIMV9OikSdhN9JxDzxhHkDfkA7huHp8
debug1: rexec_argv[0]='/data/data/com.termux/files/usr/bin/sshd'
debug1: rexec_argv[1]='-d'
debug1: Bind to port 8022 on ::.
Server listening on :: port 8022.
debug1: Bind to port 8022 on 0.0.0.0.
Server listening on 0.0.0.0 port 8022.
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 7 out 7 newsock 7 pipe -1 sock 10
debug1: inetd sockets after dupping: 5, 5
Connection from 192.168.0.154 port 45802 on 192.168.0.197 port 8022
debug1: Client protocol version 2.0; client software version OpenSSH_7.4p1 Debian-10+deb9u4
debug1: match: OpenSSH_7.4p1 Debian-10+deb9u4 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002
debug1: Local version string SSH-2.0-OpenSSH_7.8
debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_INIT
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: KEX done
debug1: userauth-request for user izzatnasrun service ssh-connection method none
debug1: attempt 0 failures 0
Failed none for izzatnasrun from 192.168.0.154 port 45802 ssh2
debug1: userauth-request for user izzatnasrun service ssh-connection method keyboard-interactive
debug1: attempt 1 failures 0
debug1: keyboard-interactive devs
debug1: auth2_challenge: user=izzatnasrun devs=
debug1: kbdint_alloc: devices ''
Failed keyboard-interactive for izzatnasrun from 192.168.0.154 port 45802 ssh2
Connection closed by authenticating user izzatnasrun 192.168.0.154 port 45802
debug1: do_cleanup
OBSERVAÇÃO
As permissões são as seguintes na máquina host
chmod 600 ~/.ssh/authorized_keys
chmod 700 ~/.ssh
chmod 700 ~
Termux sshd é definido como 8022 como padrão
PasswordAuthentication no
é uma obrigação A chave pública deve ser criada na máquina convidada. Assim, a máquina convidada ssh-keygen
e cat id_rsa.pub >> authorized_keys
onde id_rsa.pub
é da máquina convidada e authorized_keys
está na máquina host.