1. Symptoms
When starting ssh on Ubuntu, the following errors are reported:
* Starting OpenBSD Secure Shell server sshd
Could not load host key: /etc/ssh/ssh_host_rsa_key
Could not load host key: /etc/ssh/ssh_host_ecdsa_key
Could not load host key: /etc/ssh/ssh_host_ed25519_key
The error messages say the host keys do not exist, and listing the directory confirms that they are missing:
root@maqianos:~# ll /etc/ssh/
total 552
drwxr-xr-x 1 root root 4096 May 21 22:41 ./
drwxr-xr-x 1 root root 4096 Sep 16 12:26 ../
-rw-r--r-- 1 root root 553122 Mar 4 2019 moduli
-rw-r--r-- 1 root root 1580 Mar 4 2019 ssh_config
-rw-r--r-- 1 root root 338 May 21 22:41 ssh_import_id
-rw-r--r-- 1 root root 3262 May 21 22:41 sshd_config
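Despite the error messages, the startup output suggests the ssh service started successfully, and ps shows the process is running.
However, clients cannot log in remotely; the connection attempt fails with: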
Connecting to 127.0.0.1:22...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.
Connection closing...Socket close.
Connection closed by foreign host.
Disconnected from remote host(127.0.0.1:22) at 10:13:57.
A Wireshark capture taken at the same time shows that the connection is closed by the server.
2. Solution
2.1 Generate rsa_key
Command:
ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
Output:
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /etc/ssh/ssh_host_rsa_key.
Your public key has been saved in /etc/ssh/ssh_host_rsa_key.pub.
The key fingerprint is:
SHA256:HCF6EzKhpOZAk6vDO1wABnPVtckUYoIOazXqEc9SgfA root@maqianos
The key's randomart image is:
+---[RSA 2048]----+
|*o=+Bo=.=. |
|+@o= *.* + |
|==E o o = |
|=B.o . o . |
|=.+ S |
|oo . |
|..o |
| + |
| . |
+----[SHA256]-----+
2.2 Generate ecdsa_key
Command:
ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key
Output:
Generating public/private ecdsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /etc/ssh/ssh_host_ecdsa_key.
Your public key has been saved in /etc/ssh/ssh_host_ecdsa_key.pub.
The key fingerprint is:
SHA256:XQ+3eH1AXF1TwFPH2/gll/CULXTmIpqHFdhLDvVGF5E root@maqianos
The key's randomart image is:
+---[ECDSA 256]---+
| +o+=O^|
| o o*=E*|
| +=.X+=|
| . *oBoO+|
| S = o +++|
| . . o|
| |
| |
| |
+----[SHA256]-----+
2.3 Generate ed25519_key
Command:
ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key
Output:
Generating public/private ed25519 key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /etc/ssh/ssh_host_ed25519_key.
Your public key has been saved in /etc/ssh/ssh_host_ed25519_key.pub.
The key fingerprint is:
SHA256:St4uTjtl3HIt9DYyZhao2KNRQQthguqE2WJLYhSBHpU root@maqianos
The key's randomart image is:
+--[ED25519 256]--+
|.+=.=o. |
|oo E ... |
|=o. .. . |
|**. . . o |
|B.. +.oSo + |
| o oo+o= X = |
| o++.* = . |
| ..oo |
| .oo. |
+----[SHA256]-----+
2.4 Restart ssh
Run /etc/init.d/sshd restart
The ssh service restarts with no error messages.
Connecting with the client again now succeeds!
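The three key-generation steps in 2.1 to 2.3 can also be done non-interactively. The script below is an added example, not part of the original post: it finds which of the host keys named in the error output are missing (or zero-length) and creates only those, with an empty passphrase because sshd cannot prompt for one at startup. The function names and the script name fix_host_keys.sh are hypothetical; on the default /etc/ssh paths, ssh-keygen -A achieves the same result.

```shell
#!/bin/sh
# Added example: detect and create missing sshd host keys non-interactively.
# KEY_TYPES mirrors the three keys named in the sshd error output.
KEY_TYPES="rsa ecdsa ed25519"

# Print each key type whose private key file in directory $1 is absent or empty.
missing_host_keys() {
    mdir=$1
    for mtype in $KEY_TYPES; do
        [ -s "$mdir/ssh_host_${mtype}_key" ] || echo "$mtype"
    done
}

# Generate every missing key in directory $1. Keys that already exist are
# never overwritten, so clients that already trust them are unaffected.
generate_missing_host_keys() {
    gdir=$1
    for gtype in $(missing_host_keys "$gdir"); do
        key="$gdir/ssh_host_${gtype}_key"
        # Clear a zero-length leftover so ssh-keygen does not ask to overwrite.
        rm -f "$key" "$key.pub"
        # -N "" sets an empty passphrase; -q suppresses the randomart banner.
        ssh-keygen -q -t "$gtype" -N "" -f "$key" || return 1
        chmod 600 "$key"       # private key: owner only
        chmod 644 "$key.pub"   # public key: world-readable is fine
        # Print the fingerprint so it can be compared with what clients
        # are shown on their first connection.
        ssh-keygen -l -f "$key.pub"
    done
}

# Act on a directory only when one is passed on the command line, e.g.:
#   sh fix_host_keys.sh /etc/ssh && sshd -t
# (sshd -t checks the configuration and keys without starting the daemon.)
if [ -n "${1:-}" ]; then
    generate_missing_host_keys "$1"
fi
```

Record the printed fingerprints somewhere trusted, so that the first client connection after the restart can be checked against them.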