1. Symptoms
Starting ssh on Ubuntu reports errors:
```
 * Starting OpenBSD Secure Shell server sshd Could not load host key: /etc/ssh/ssh_host_rsa_key
Could not load host key: /etc/ssh/ssh_host_ecdsa_key
Could not load host key: /etc/ssh/ssh_host_ed25519_key
```
The error says the host keys do not exist, and listing the directory confirms they are missing:
```
root@maqianos:~# ll /etc/ssh/
total 552
drwxr-xr-x 1 root root   4096 May 21 22:41 ./
drwxr-xr-x 1 root root   4096 Sep 16 12:26 ../
-rw-r--r-- 1 root root 553122 Mar  4  2019 moduli
-rw-r--r-- 1 root root   1580 Mar  4  2019 ssh_config
-rw-r--r-- 1 root root    338 May 21 22:41 ssh_import_id
-rw-r--r-- 1 root root   3262 May 21 22:41 sshd_config
```
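Despite the error messages, the output suggests the ssh service started successfully, and ps shows the process running.
However, clients cannot log in remotely. The connection attempt fails with:
```
Connecting to 127.0.0.1:22...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.
Connection closing...Socket close.
Connection closed by foreign host.
Disconnected from remote host(127.0.0.1:22) at 10:13:57.
```
A Wireshark capture taken at the same time shows that the connection is closed by the server.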
2. Solution
2.1 Generate rsa_key
Command:
```
ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
```
Output:
```
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /etc/ssh/ssh_host_rsa_key.
Your public key has been saved in /etc/ssh/ssh_host_rsa_key.pub.
The key fingerprint is:
SHA256:HCF6EzKhpOZAk6vDO1wABnPVtckUYoIOazXqEc9SgfA root@maqianos
The key's randomart image is:
+---[RSA 2048]----+
|*o=+Bo=.=. |
|+@o= *.* + |
|==E o o = |
|=B.o . o . |
|=.+ S |
|oo . |
|..o |
| + |
| . |
+----[SHA256]-----+
```
2.2 Generate ecdsa_key
Command:
```
ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key
```
Output:
```
Generating public/private ecdsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /etc/ssh/ssh_host_ecdsa_key.
Your public key has been saved in /etc/ssh/ssh_host_ecdsa_key.pub.
The key fingerprint is:
SHA256:XQ+3eH1AXF1TwFPH2/gll/CULXTmIpqHFdhLDvVGF5E root@maqianos
The key's randomart image is:
+---[ECDSA 256]---+
| +o+=O^|
| o o*=E*|
| +=.X+=|
| . *oBoO+|
| S = o +++|
| . . o|
| |
| |
| |
+----[SHA256]-----+
```
2.3 Generate ed25519_key
Command:
```
ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key
```
Output:
```
Generating public/private ed25519 key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /etc/ssh/ssh_host_ed25519_key.
Your public key has been saved in /etc/ssh/ssh_host_ed25519_key.pub.
The key fingerprint is:
SHA256:St4uTjtl3HIt9DYyZhao2KNRQQthguqE2WJLYhSBHpU root@maqianos
The key's randomart image is:
+--[ED25519 256]--+
|.+=.=o. |
|oo E ... |
|=o. .. . |
|**. . . o |
|B.. +.oSo + |
| o oo+o= X = |
| o++.* = . |
| ..oo |
| .oo. |
+----[SHA256]-----+
```
2.4 Restart ssh
Run:
```
/etc/init.d/sshd restart
```
The ssh service restarts with no error messages.
Connecting from the client again now succeeds!
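The three key-generation steps above as one idempotent script, added here as an example and not part of the original post. The function names and the `KEY_TYPES` variable are this example's own; `-N ''` sets an empty passphrase because sshd cannot unlock a passphrase-protected host key at start-up, and keys that already exist are left untouched so clients that trust the host see no key change.

```shell
#!/bin/sh
# Added example: create only the sshd host keys that are missing in a directory.
# KEY_TYPES, ensure_host_keys and list_fingerprints are names chosen for this example.
KEY_TYPES="rsa ecdsa ed25519"

# ensure_host_keys DIR
# Runs in a subshell so the restrictive umask does not leak into the caller.
ensure_host_keys() (
    dir=$1
    umask 077
    for t in $KEY_TYPES; do
        key="$dir/ssh_host_${t}_key"
        if [ -s "$key" ]; then
            echo "keep $key"          # never overwrite: clients pin this key
            continue
        fi
        # A zero-length leftover would make ssh-keygen ask "Overwrite (y/n)?".
        rm -f "$key" "$key.pub"
        # -q suppresses the randomart banner, -N '' sets an empty passphrase.
        ssh-keygen -q -t "$t" -N '' -f "$key" || exit 1
        echo "new  $key"
    done
    # sshd refuses private keys that other users can read.
    chmod 600 "$dir"/ssh_host_*_key
    chmod 644 "$dir"/ssh_host_*_key.pub
)

# list_fingerprints DIR
# Prints one fingerprint line per public host key, for out-of-band
# comparison with what clients see on first connect.
list_fingerprints() {
    for pub in "$1"/ssh_host_*_key.pub; do
        ssh-keygen -l -f "$pub"
    done
}

# Usage as root on the affected host:
#   ensure_host_keys /etc/ssh && list_fingerprints /etc/ssh
```

Running `sshd -t` afterwards checks the configuration and the host keys before the service is restarted.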