不使用密码托管的ssh‘’ing问题

Question

我正试图通过ssh登录到一个网具ReadyNAS 314 NAS。我已经设置了ssh并复制了适当的文件：

drw------- 1 jordan users 176 Aug 30 23:42 .ssh

在.ssh内部：

drwx------ 1 jordan users    34 Aug 30 23:31 ..
-rw------- 1 jordan users   395 Aug 30 23:32 authorized_keys
drwx------ 1 jordan users    32 Aug 30 23:32 github
-rwx------ 1 jordan users   395 Aug 30 23:32 id_rsa.pub
-rwx------ 1 jordan users  1675 Aug 30 23:32 id_rsa
-rwx------ 1 jordan users  1089 Aug 30 23:32 config
-rw------- 1 jordan users 20625 Aug 30 23:32 known_hosts
-rw------- 1 jordan users     0 Aug 30 23:42 ssh_authorized_keys

下面是我的/etc/sshd/sshd_config文件(请注意，由于某些原因，第一行是“不要编辑”)：

# Do not edit.
Protocol 2
Port 22
#ListenAddress ::
#ListenAddress 0.0.0.0
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
# Privilege Separation is turned on for security
UsePrivilegeSeparation yes

# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 1024

# Logging
SyslogFacility AUTH
LogLevel INFO

# Authentication:
LoginGraceTime 120
PermitRootLogin no
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys %h/.ssh/ssh_authorized_keys

# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes

# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no

# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no

# Change to no to disable tunnelled clear text passwords
PasswordAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosGetAFSToken no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no

#MaxStartups 10:30:60
#Banner /etc/issue.net
# Allow client to pass locale environment variables
AcceptEnv LANG LC_*

Subsystem sftp /usr/lib/openssh/sftp-server

UsePAM yes

当我运行/usr/sbin/sshd -d时，会得到以下内容：

root@andraia:/home/jordan# /usr/sbin/sshd -d
debug1: Config token is protocol
debug1: Config token is port
debug1: Config token is hostkey
debug1: Config token is hostkey
debug1: Config token is hostkey
debug1: Config token is useprivilegeseparation
debug1: Config token is keyregenerationinterval
debug1: Config token is serverkeybits
debug1: Config token is syslogfacility
debug1: Config token is loglevel
debug1: Config token is logingracetime
debug1: Config token is permitrootlogin
debug1: Config token is strictmodes
debug1: Config token is rsaauthentication
debug1: Config token is pubkeyauthentication
debug1: Config token is authorizedkeysfile
debug1: Config token is ignorerhosts
debug1: Config token is rhostsrsaauthentication
debug1: Config token is hostbasedauthentication
debug1: Config token is permitemptypasswords
debug1: Config token is challengeresponseauthentication
debug1: Config token is passwordauthentication
debug1: Config token is x11forwarding
debug1: Config token is x11displayoffset
debug1: Config token is printmotd
debug1: Config token is printlastlog
debug1: Config token is tcpkeepalive
debug1: Config token is acceptenv
debug1: Config token is subsystem
debug1: Config token is usepam
debug1: HPN Buffer Size: 87380
debug1: sshd version OpenSSH_6.7, OpenSSL 1.0.1t  3 May 2016
debug1: private host key: #0 type 1 RSA
debug1: private host key: #1 type 2 DSA
debug1: private host key: #2 type 3 ECDSA
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-d'
Set /proc/self/oom_score_adj from 0 to -1000
debug1: Bind to port 22 on 0.0.0.0.
debug1: Server TCP RWIN socket size: 87380
debug1: HPN Buffer Size: 87380
Server listening on 0.0.0.0 port 22.

当我试图连接时，我得到了这个：

debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
debug1: inetd sockets after dupping: 3, 3
debug1: HPN Disabled: 0, HPN Buffer Size: 87380
Connection from <client-ip> port 55314 on <host-ip> port 22
debug1: Client protocol version 2.0; client software version OpenSSH_8.9p1 Ubuntu-3
SSH: Server;Ltype: Version;Remote: <client-ip>-55314;Protocol: 2.0;Client: OpenSSH_8.9p1 Ubuntu-3
debug1: Remote is NON-HPN aware
debug1: match: OpenSSH_8.9p1 Ubuntu-3 pat OpenSSH* compat 0x24000000
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.7p1-hpn14v5 Debian-5+deb8u7.netgear1
debug1: permanently_set_uid: 82/99 [preauth]
debug1: list_hostkey_types: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256 [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug1: AUTH STATE IS 0 [preauth]
debug1: REQUESTED ENC.NAME is 'chacha20-poly1305@openssh.com' [preauth]
debug1: kex: client->server chacha20-poly1305@openssh.com <implicit> none [preauth]
SSH: Server;Ltype: Kex;Remote: <client-ip>-55314;Enc: chacha20-poly1305@openssh.com;MAC: (null);Comp: none [preauth]
debug1: REQUESTED ENC.NAME is 'chacha20-poly1305@openssh.com' [preauth]
debug1: kex: server->client chacha20-poly1305@openssh.com <implicit> none [preauth]
debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
debug1: SSH2_MSG_NEWKEYS sent [preauth]
debug1: expecting SSH2_MSG_NEWKEYS [preauth]
debug1: SSH2_MSG_NEWKEYS received [preauth]
debug1: KEX done [preauth]
debug1: userauth-request for user jordan service ssh-connection method none [preauth]
SSH: Server;Ltype: Authname;Remote: <client-ip>-55314;Name: jordan [preauth]
debug1: attempt 0 failures 0 [preauth]
debug1: Config token is protocol
debug1: Config token is port
debug1: Config token is hostkey
debug1: Config token is hostkey
debug1: Config token is hostkey
debug1: Config token is useprivilegeseparation
debug1: Config token is keyregenerationinterval
debug1: Config token is serverkeybits
debug1: Config token is syslogfacility
debug1: Config token is loglevel
debug1: Config token is logingracetime
debug1: Config token is permitrootlogin
debug1: Config token is strictmodes
debug1: Config token is rsaauthentication
debug1: Config token is pubkeyauthentication
debug1: Config token is authorizedkeysfile
debug1: Config token is ignorerhosts
debug1: Config token is rhostsrsaauthentication
debug1: Config token is hostbasedauthentication
debug1: Config token is permitemptypasswords
debug1: Config token is challengeresponseauthentication
debug1: Config token is passwordauthentication
debug1: Config token is x11forwarding
debug1: Config token is x11displayoffset
debug1: Config token is printmotd
debug1: Config token is printlastlog
debug1: Config token is tcpkeepalive
debug1: Config token is acceptenv
debug1: Config token is subsystem
debug1: Config token is usepam
debug1: PAM: initializing for "jordan"
debug1: PAM: setting PAM_RHOST to "surfer"
debug1: PAM: setting PAM_TTY to "ssh"

我知道关键文件很好，因为我在其他主机上使用它们，并且已经做了无数次了。还有件事我错过了..。

Answer 1

您的文件的访问权限不正确。从所有文件中移除Xecutable标志。

Answer 2

我相信，由于NAS是旧的，加密方法已经过时，无论出于什么原因，我的其他主机对此没有意见，但WSL2不是。我试图更新操作系统，但即使是这样也失败了：

jordan@andraia:~$ sudo apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
1 not fully installed or removed.
After this operation, 0 B of additional disk space will be used.
Do you want to continue? [Y/n] y
Setting up nfs-kernel-server (1:1.2.8-9+deb8u1) ...
update-rc.d: error: initscript does not exist: /etc/init.d/nfs-kernel-server
dpkg: error processing package nfs-kernel-server (--configure):
 subprocess installed post-installation script returned error exit status 1
Errors were encountered while processing:
 nfs-kernel-server
E: Sub-process /usr/bin/dpkg returned an error code (1)

我在我的/etc/ssh/ssh_config中添加了以下内容：

PubkeyAcceptedKeyTypes ssh-rsa

现在，我可以在没有密码的情况下从WSL2环境中ssh到NAS (连接到其他主机也很好)。