拒绝从windows到yubikey ED25519-SK的openssh连接
拒绝从windows到yubikey ED25519-SK的openssh连接
提问于 2022-07-08 08:22:58
我使用我的yubikey来使用ssh对远程主机进行身份验证。它在Linux上工作(使用相同的键),在Windows上使用git-bash失败。
所有这些都在windows 10上,这是OpenSSH_9.0p1,OpenSSL 1.1.1p 2022年6月21日
这是错误消息。为什么签字失败了?
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /c/Users/Andreas/.ssh/id_ohnering_sk ED25519-SK SHA256:C2BdL8/gLMbP6ktTI/Z22+FhZ51VbPhvxnto7GYxkj4 explicit authenticator agent
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: /c/Users/Andreas/.ssh/id_ohnering_sk ED25519-SK SHA256:C2BdL8/gLMbP6ktTI/Z22+FhZ51VbPhvxnto7GYxkj4 explicit authenticator agent
sign_and_send_pubkey: signing failed for ED25519-SK "/c/Users/Andreas/.ssh/id_ohnering_sk" from agent: agent refused operation
debug1: Offering public key: /c/Users/Andreas/.ssh/id_ring_sk ED25519-SK SHA256:chjSSXPpiBHI+0MnO8v51yC8632tKr358BPGUubkrto explicit authenticator agent
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: /c/Users/Andreas/.ssh/id_ring_sk ED25519-SK SHA256:chjSSXPpiBHI+0MnO8v51yC8632tKr358BPGUubkrto explicit authenticator agent
sign_and_send_pubkey: signing failed for ED25519-SK "/c/Users/Andreas/.ssh/id_ring_sk" from agent: agent refused operation
debug1: Offering public key: /c/Users/Andreas/.ssh/id_rsa RSA SHA256:5sI4OvJOs6+7RcD76iomtR6geCSBoZ5397jeWzNlspE agent
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
aschuld@ssh.blah: Permission denied (publickey).代理人有钥匙
ssh-add -l
4096 SHA256:5sI4OvJOs6+7RcD76iomtR6geCSBoZ5397jeWzNlspE /c/Users/andreas/.ssh/id_rsa (RSA)
256 SHA256:C2BdL8/gLMbP6ktTI/Z22+FhZ51VbPhvxnto7GYxkj4 andreas@salomon (ED25519-SK)
256 SHA256:chjSSXPpiBHI+0MnO8v51yC8632tKr358BPGUubkrto andreas@salomon (ED25519-SK)这是我的钥匙的权限(在窗口上)
ls -al .ssh
total 85
drwxr-xr-x 1 Andreas 197121 0 Jul 7 16:24 ./
drwxr-xr-x 1 Andreas 197121 0 Jul 7 16:27 ../
-rw-r--r-- 1 Andreas 197121 1471 Jun 17 13:46 config
-rw-r--r-- 1 Andreas 197121 407 Jul 6 2021 id_mykey_sk
-rw-r--r-- 1 Andreas 197121 144 Jul 6 2021 id_mykey_sk.pub
-rw-r--r-- 1 Andreas 197121 561 Jun 17 13:33 id_ohnering_sk
-rw-r--r-- 1 Andreas 197121 144 Jun 17 13:33 id_ohnering_sk.pub
-rw-r--r-- 1 Andreas 197121 561 Jun 17 13:33 id_ring_sk
-rw-r--r-- 1 Andreas 197121 144 Jun 17 13:33 id_ring_sk.pub
-rw-r--r-- 1 Andreas 197121 4583 May 17 13:50 known_hosts显然,这些权限在linux上是不够的。窗户上还好吗?我似乎无法将它们设置为600。不过,我认为这不是问题所在。
这里发生什么事情?我怎么才能让它起作用?
回答 1
Server Fault用户
回答已采纳
发布于 2022-07-08 22:04:16
这似乎是一个问题,需要运行git作为管理员,所以它可以访问USB设备。(即使是原始的yubikey工具也需要作为管理员运行,才能被访问。)第二个问题是库路径中的旧winhello.dll。我把它拿走了。然后,我能够在windows上生成一个新的ED25519_SK密钥,并使用该密钥进行身份验证。
页面原文内容由Server Fault提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://serverfault.com/questions/1105091
复制相关文章
相似问题
腾讯云开发者
