O arquivo ssh_config
estava faltando. Eu determinei que algo deu errado na instalação e purgei do meu sistema. Após reinstalar e configurar, consegui me conectar como se espera
tentando se conectar ao meu novo servidor (usando putty 0.70) e estou recebendo o seguinte erro de putty: Desconectado: Não há métodos de autenticação de suporte disponíveis (servidor enviado: publickey, gssapi-with-mic)
aqui é onde eu fico confuso ... se eu usar o modo de depuração no sshd, o servidor me permite entrar. esperamos que todas as informações que você possa precisar estejam abaixo.
informações do servidor: versão CentOS Linux 7.4.1708
usuário foder perm: 700
.ssh pasta perm: 700
arquivo autorizado_keys perm: 600
e eu tenho o triplo verificado que eu coloquei minha chave no arquivo corretamente
log de eventos do putty
Connecting to xx.xxx.xx.xxx port 22
We claim version: SSH-2.0-PuTTY_Release_0.70
Server version: SSH-2.0-OpenSSH_7.4
Using SSH protocol version 2
Doing ECDH key exchange with curve Curve25519 and hash SHA-256
Server also has ssh-ed25519/ecdsa-sha2-nistp256 host keys, but we don't know any of them
Host key fingerprint is:
ssh-rsa 2048 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx
Initialised AES-256 SDCTR client->server encryption
Initialised HMAC-SHA-256 client->server MAC algorithm
Initialised AES-256 SDCTR server->client encryption
Initialised HMAC-SHA-256 server->client MAC algorithm
Pageant is running. Requesting keys.
Pageant has 1 SSH-2 keys
Trying Pageant key #0
Server refused our key
Using SSPI from SECUR32.DLL
Attempting GSSAPI authentication
GSSAPI authentication request refused
Disconnected: No supported authentication methods available (server sent: publickey,gssapi-keyex,gssapi-with-mic)
log de /var/log/secure
enquanto executa o sshd como normal (sem depuração)
localhost polkitd[661]: Registered Authentication Agent for unix-process:2251:676669 (system bus name :1.58 [/usr/bin/pkttyagent --notify-fd 5 --fallback], object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
localhost sshd[2267]: Server listening on 0.0.0.0 port 22.
localhost sshd[2267]: Server listening on :: port 22.
localhost polkitd[661]: Unregistered Authentication Agent for unix-process:2251:676669 (system bus name :1.58, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus)
localhost sshd[2268]: error: Received disconnect from xx.xxx.xxx.xx port 63760:14: No supported authentication methods available [preauth]
localhost sshd[2268]: Disconnected from xx.xxx.xxx.xx port 63760 [preauth]
e do meu servidor usando /usr/sbin/sshd -d
debug1: sshd version OpenSSH_7.4, OpenSSL 1.0.2k-fips 26 Jan 2017
debug1: private host key #0: ssh-rsa SHA256:Rq6yx2xQ7QW4KhnLtxuQP8aq9ZMBEBooF5D80LuxyQk
debug1: private host key #1: ecdsa-sha2-nistp256 SHA256:Oek0xG7QM//4lWxH/uBegjKD5/V7WDd+FUdl19Pxq+E
debug1: private host key #2: ssh-ed25519 SHA256:lQj5wuazdOVz0ZHrBraC+z7UqCh740bdYE24uK8tspc
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-d'
debug1: Set /proc/self/oom_score_adj from 0 to -1000
debug1: Bind to port 13207 on 0.0.0.0.
Server listening on 0.0.0.0 port 13207.
debug1: Bind to port 13207 on ::.
Server listening on :: port 13207.
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
debug1: inetd sockets after dupping: 3, 3
Connection from 66.210.152.17 port 52953 on 192.168.1.103 port 13207
debug1: Client protocol version 2.0; client software version PuTTY_Release_0.70
debug1: no match: PuTTY_Release_0.70
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Enabling compatibility mode for protocol 2.0
debug1: SELinux support enabled [preauth]
debug1: permanently_set_uid: 74/74 [preauth]
debug1: list_hostkey_types: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug1: kex: algorithm: [email protected] [preauth]
debug1: kex: host key algorithm: ssh-rsa [preauth]
debug1: kex: client->server cipher: aes256-ctr MAC: hmac-sha2-256 compression: none [preauth]
debug1: kex: server->client cipher: aes256-ctr MAC: hmac-sha2-256 compression: none [preauth]
debug1: kex: [email protected] need=32 dh_need=32 [preauth]
debug1: kex: [email protected] need=32 dh_need=32 [preauth]
debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
debug1: rekey after 4294967296 blocks [preauth]
debug1: SSH2_MSG_NEWKEYS sent [preauth]
debug1: expecting SSH2_MSG_NEWKEYS [preauth]
debug1: SSH2_MSG_NEWKEYS received [preauth]
debug1: rekey after 4294967296 blocks [preauth]
debug1: KEX done [preauth]
debug1: userauth-request for user david service ssh-connection method none [preauth]
debug1: attempt 0 failures 0 [preauth]
debug1: PAM: initializing for "david"
debug1: PAM: setting PAM_RHOST to "itss-tech14.icnet.net"
debug1: PAM: setting PAM_TTY to "ssh"
debug1: userauth-request for user david service ssh-connection method publickey [preauth]
debug1: attempt 1 failures 0 [preauth]
debug1: userauth_pubkey: test whether pkalg/pkblob are acceptable for RSA SHA256:qiTokvVJjhT1hkBZ2pKqbMH6Ozb986CrlFyFp7OjHkQ [preauth]
debug1: temporarily_use_uid: 1000/1000 (e=0/0)
debug1: trying public key file /home/david/.ssh/authorized_keys
debug1: fd 4 clearing O_NONBLOCK
debug1: matching key found: file /home/david/.ssh/authorized_keys, line 1 RSA SHA256:qiTokvVJjhT1hkBZ2pKqbMH6Ozb986CrlFyFp7OjHkQ
debug1: restore_uid: 0/0
Postponed publickey for david from 66.210.152.17 port 52953 ssh2 [preauth]
debug1: userauth-request for user david service ssh-connection method publickey [preauth]
debug1: attempt 2 failures 0 [preauth]
debug1: temporarily_use_uid: 1000/1000 (e=0/0)
debug1: trying public key file /home/david/.ssh/authorized_keys
debug1: fd 4 clearing O_NONBLOCK
debug1: matching key found: file /home/david/.ssh/authorized_keys, line 1 RSA SHA256:qiTokvVJjhT1hkBZ2pKqbMH6Ozb986CrlFyFp7OjHkQ
debug1: restore_uid: 0/0
debug1: do_pam_account: called
Accepted publickey for david from xx.xxx.xxx.xx port 52953 ssh2: RSA SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
debug1: monitor_child_preauth: david has been authenticated by privileged process
debug1: monitor_read_log: child log fd closed
debug1: temporarily_use_uid: 1000/1000 (e=0/0)
debug1: ssh_gssapi_storecreds: Not a GSSAPI mechanism
debug1: restore_uid: 0/0
debug1: SELinux support enabled
debug1: PAM: establishing credentials
User child is on pid 2295
debug1: PAM: establishing credentials
debug1: permanently_set_uid: 1000/1000
debug1: rekey after 4294967296 blocks
debug1: rekey after 4294967296 blocks
debug1: ssh_packet_set_postauth: called
debug1: Entering interactive session for SSH2.
debug1: server_init_dispatch
debug1: server_input_channel_open: ctype session rchan 256 win 16384 max 16384
debug1: input_session_request
debug1: channel 0: new [server-session]
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug1: server_input_channel_req: channel 0 request pty-req reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req pty-req
debug1: Allocating pty.
debug1: session_new: session 0
debug1: SELinux support enabled
debug1: session_pty_req: session 0 alloc /dev/pts/1
debug1: server_input_channel_req: channel 0 request shell reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req shell
Starting session: shell on pts/1 for xxxx from xx.xxx.xxx.xx port 52953 id 0
debug1: Setting controlling tty using TIOCSCTTY.