What do the identity file types in SSH debug messages mean?

xcz*_*zhh 18 ssh security

I have been debugging an SSH connection with the following command:

ssh -vT user@mysite.com

I get the following messages:

debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to smilescooter.com port 22.
debug1: Connection established.
debug1: identity file /Users/jerry/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jerry/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jerry/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jerry/.ssh/id_dsa-cert type -1
debug1: identity file /Users/jerry/.ssh/id_ecdsa type 2
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jerry/.ssh/id_ecdsa-cert type -1
...
debug3: hostkeys_foreach: reading file "/Users/jerry/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /Users/jerry/.ssh/known_hosts:19
debug3: load_hostkeys: loaded 1 keys from smilescooter.com
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal

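Fortunately the problem is solved, but I am interested in what "identity file file_route type n" means, where n may be -1, 0, 1, 2 ...

Also, what does the number (1/2/3 ...) after debug at the beginning of each line mean?

If I had found results about this on Google, I would not be asking here. Google has many results about debugging SSH problems, but nobody seems to talk about the two things I am asking here.

Thank you very much.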

Jak*_*kob 14

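An identity file is just a private key (or certificate), usually created by running ssh-keygen. This creates an RSA key by default, but you can change that with the -t option. According to your output, you have an RSA and an ECDSA key.

The number in identity file type .../.ssh/id_* type <number> is just the integer value of the sshkey_types enum (zero-based), and -1 indicates an error (as with most POSIX functions). You can see that the file names also contain the key type: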

enum sshkey_types {
KEY_RSA, // id_rsa has type 0
KEY_DSA, // id_dsa has type 1, but as you have no id_dsa key file, -1 is used 
KEY_ECDSA, // id_ecdsa has type 2
...

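The error message key_load_public: No such file or directory after the identity file... messages is odd; it seems the corresponding public key files were deleted. They have the same file name as the private key, with an additional .pub suffix. That is not tragic, since you can use ssh-keygen -y.

The debug output is explained in this Wikibooks article on OpenSSH logging. In short: the number in the debug[123]: ... line prefix indicates the debug level of the message that follows it. It corresponds to the number of -v's you give on the command line (maximum 3). That is, if you give -v, debug1 messages are printed; with -vv you get debug1 and debug2, and so on (although it is a bit odd that you got debug3 messages when you only gave one -v).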
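The two readings described in the answer above (the debugN level prefix and the identity file type number) can be applied to a saved ssh -v log with a short parser. This is an added example, not code from the answer or from OpenSSH; the function name, the KEY_TYPES table (copied from the enum excerpt quoted above) and the sample log with its /home/alice paths are constructed for illustration.

```python
import re
from collections import Counter

# Names taken from the enum excerpt quoted in the answer. The excerpt is elided
# after KEY_ECDSA, so any other number is reported as unknown rather than guessed.
KEY_TYPES = {0: "KEY_RSA", 1: "KEY_DSA", 2: "KEY_ECDSA"}

LINE_RE = re.compile(r"^debug([123]): (.*)$")
IDENT_RE = re.compile(r"^identity file (.+) type (-?\d+)$")

def parse_ssh_debug(text):
    """Summarise debug levels and identity-file results from ssh -v output."""
    levels = Counter()
    identities = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # not a debug line (banner, prompt, blank line)
        level, msg = int(m.group(1)), m.group(2)
        levels[level] += 1
        ident = IDENT_RE.match(msg)
        if ident:
            path, num = ident.group(1), int(ident.group(2))
            if num == -1:
                status = "not loaded"  # -1 is the error value
            else:
                status = KEY_TYPES.get(num, "unknown type %d" % num)
            identities.append((path, num, status))
    return {"levels": dict(levels),
            "max_level": max(levels, default=0),
            "identities": identities}

# Constructed sample in the same format as the log in the question.
SAMPLE = """
debug1: Connection established.
debug1: identity file /home/alice/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /home/alice/.ssh/id_rsa-cert type -1
debug1: identity file /home/alice/.ssh/id_dsa type -1
debug1: identity file /home/alice/.ssh/id_ecdsa type 2
debug1: identity file /home/alice/.ssh/id_ed25519 type 3
debug2: local client KEXINIT proposal
debug3: send packet: type 20
"""

if __name__ == "__main__":
    report = parse_ssh_debug(SAMPLE)
    print("messages per debug level:", report["levels"])
    for path, num, status in report["identities"]:
        print("%-40s type %2d  %s" % (path, num, status))
```

The "send packet: type 20" line is deliberately included: its number is a packet type, not a key type, and the parser ignores it because the message does not start with "identity file".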