SSH到Docker:权限被拒绝(publickey)
我正在运行一个码头容器,并想使用emacs的tramp
包对其进行ssh操作。我可以成功使用docker exec -it containername bash
。但我只想用我的emacs来配置工作。我已经将容器的端口22暴露给本地端口22.SSH到Docker:权限被拒绝(publickey)
顺便说一下,我的.ssh
文件夹中确实有id_rsa
。
但是,即使我使用ssh -p 22 [email protected]
它仍然无法正常工作。该日志如下:
OpenSSH_7.4p1, LibreSSL 2.5.0
debug1: Reading configuration data /Users/spacegoing/.ssh/config
debug1: /Users/spacegoing/.ssh/config line 26: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to localhost [::1] port 22.
debug1: connect to address ::1 port 22: Connection refused
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /Users/spacegoing/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/spacegoing/.ssh/id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.0p1 Debian-4+deb7u3
debug1: match: OpenSSH_6.0p1 Debian-4+deb7u3 pat OpenSSH* compat 0x04000000
debug1: Authenticating to localhost:22 as 'dwolf'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: ecdh-sha2-nistp256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: aes128-ctr MAC: [email protected]ssh.com compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: [email protected] compression: none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:w7Y3BsQ1xof3U5cohsL5y9ctWvgNaTuXdbDFwQtE+Gc
debug1: Host 'localhost' is known and matches the ECDSA host key.
debug1: Found key in /Users/spacegoing/.ssh/known_hosts:26
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/spacegoing/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
这三行:
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/spacegoing/.ssh/id_rsa
debug1: Authentications that can continue: publickey
显示您所提供的公共密钥,但被拒绝;您不在目标主机的 authorized_keys文件中。
要将您的公钥复制到泊坞窗图像中,您可以使用此打字机,当然,还有许多其他方法可将密钥复制到机器中。
dd if=~/.ssh/id_rsa.pub | docker exec -it containername dd of=~/.ssh/authorized_keys
正如有人指出,但是,你的容器应尽可能小,理想甚至不需要自己的SSH服务器;但是,每个人的用例都不一样。
此命令将覆盖目标
看这句话:
debug1: identity file /Users/spacegoing/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
它看起来像你不要有你的设备上id_rsa键,当
debug1: Next authentication method: publickey
它不能找到它,请尝试使用以下命令添加此密钥:
cd ~/.ssh/
ssh-keygen id_rsa
然后按输入所有问题并重复您的连接。
tks为您的答案!但是我的''.ssh'文件夹里有这个文件。我也想知道这个警告:P – spacegoing
消息'key_load_public:没有这样的文件或目录'并不是说它没有找到私钥,而是它没有加载公钥。这只是一个警告,而不是一个错误。它可以被忽略,它不会阻止连接。 –
任何现有授权密钥的公钥添加到泊坞窗容器authorized_keys文件。 'dd if =〜/ .ssh/id_rsa.pub | docker exec -it containername dd =〜/ .ssh/authorized_keys'(这个命令可能不起作用,试图将它从一个docker主机中移走一行,但是这个point站起来) –
from:〜jpetazzo [如果你运行SSHD你的Docker容器,你做错了!](https://jpetazzo.github.io/2014/06/23/docker-ssh-considered-evil/) – tgogos
@MattClark非常感谢您的帮助!这种方法可行! – spacegoing