1. 首頁
  2. 問答
  3. SSH到Docker:權限被拒絕(publickey)

SSH到Docker:權限被拒絕(publickey)

2017-06-02 231 views
1

我正在運行一個碼頭容器,並想使用emacs的tramp包對其進行ssh操作。我可以成功使用docker exec -it containername bash。但我只想用我的emacs來配置工作。我已經將容器的端口22暴露給本地端口22.SSH到Docker:權限被拒絕(publickey)

順便說一下,我的.ssh文件夾中確實有id_rsa

但是,即使我使用ssh -p 22 [email protected]它仍然無法正常工作。該日誌如下:

OpenSSH_7.4p1, LibreSSL 2.5.0 
debug1: Reading configuration data /Users/spacegoing/.ssh/config 
debug1: /Users/spacegoing/.ssh/config line 26: Applying options for * 
debug1: Reading configuration data /etc/ssh/ssh_config 
debug1: Connecting to localhost [::1] port 22. 
debug1: connect to address ::1 port 22: Connection refused 
debug1: Connecting to localhost [127.0.0.1] port 22. 
debug1: Connection established. 
debug1: identity file /Users/spacegoing/.ssh/id_rsa type 1 
debug1: key_load_public: No such file or directory 
debug1: identity file /Users/spacegoing/.ssh/id_rsa-cert type -1 
debug1: Enabling compatibility mode for protocol 2.0 
debug1: Local version string SSH-2.0-OpenSSH_7.4 
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.0p1 Debian-4+deb7u3 
debug1: match: OpenSSH_6.0p1 Debian-4+deb7u3 pat OpenSSH* compat 0x04000000 
debug1: Authenticating to localhost:22 as 'dwolf' 
debug1: SSH2_MSG_KEXINIT sent 
debug1: SSH2_MSG_KEXINIT received 
debug1: kex: algorithm: ecdh-sha2-nistp256 
debug1: kex: host key algorithm: ecdsa-sha2-nistp256 
debug1: kex: server->client cipher: aes128-ctr MAC: [email protected]ssh.com compression: none 
debug1: kex: client->server cipher: aes128-ctr MAC: [email protected] compression: none 
debug1: sending SSH2_MSG_KEX_ECDH_INIT 
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY 
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:w7Y3BsQ1xof3U5cohsL5y9ctWvgNaTuXdbDFwQtE+Gc 
debug1: Host 'localhost' is known and matches the ECDSA host key. 
debug1: Found key in /Users/spacegoing/.ssh/known_hosts:26 
debug1: rekey after 4294967296 blocks 
debug1: SSH2_MSG_NEWKEYS sent 
debug1: expecting SSH2_MSG_NEWKEYS 
debug1: SSH2_MSG_NEWKEYS received 
debug1: rekey after 4294967296 blocks 
debug1: SSH2_MSG_SERVICE_ACCEPT received 
debug1: Authentications that can continue: publickey 
debug1: Next authentication method: publickey 
debug1: Offering RSA public key: /Users/spacegoing/.ssh/id_rsa 
debug1: Authentications that can continue: publickey 
debug1: No more authentication methods to try. 
Permission denied (publickey).

來源

2017-06-02 spacegoing

+0

任何現有授權密鑰的公鑰添加到泊塢窗容器authorized_keys文件。 'dd if =〜/ .ssh/id_rsa.pub | docker exec -it containername dd =〜/ .ssh/authorized_keys'(這個命令可能不起作用,試圖將它從一個docker主機中移走一行,但是這個point站起來) –

+0

from:〜jpetazzo [如果你運行SSHD你的Docker容器,你做錯了!](https://jpetazzo.github.io/2014/06/23/docker-ssh-considered-evil/) – tgogos

+0

@MattClark非常感謝您的幫助!這種方法可行! – spacegoing

回答

1

這三行:

debug1: Next authentication method: publickey 
debug1: Offering RSA public key: /Users/spacegoing/.ssh/id_rsa 
debug1: Authentications that can continue: publickey

顯示您所提供的公共密鑰,但被拒絕;您不在目標主機的 authorized_keys文件中。

要將您的公鑰複製到泊塢窗圖像中,您可以使用此打字機,當然,還有許多其他方法可將密鑰複製到機器中。

dd if=~/.ssh/id_rsa.pub | docker exec -it containername dd of=~/.ssh/authorized_keys

正如有人指出,但是,你的容器應儘可能小,理想甚至不需要自己的SSH服務器;但是,每個人的用例都不一樣。

此命令將覆蓋目標

來源

2017-06-02 14:59:06

1

看這句話:

debug1: identity file /Users/spacegoing/.ssh/id_rsa type 1 
debug1: key_load_public: No such file or directory

它看起來像你不要有你的設備上id_rsa鍵,當

debug1: Next authentication method: publickey

它不能找到它,請嘗試使用以下命令添加此密鑰:

cd ~/.ssh/ 
ssh-keygen id_rsa

然後按輸入所有問題並重復您的連接。

來源

2017-06-02 14:43:31

+0

tks爲您的答案!但是我的''.ssh'文件夾裏有這個文件。我也想知道這個警告:P – spacegoing

+0

消息'key_load_public:沒有這樣的文件或目錄'並不是說它沒有找到私鑰,而是它沒有加載公鑰。這只是一個警告,而不是一個錯誤。它可以被忽略,它不會阻止連接。 –

相關問題

 相關問題