无法SSH进入Ubuntu Touch设备
从我的电脑:
cameron@cameron-ubuntu:~$ ssh phablet@192.168.99.124 Permission denied (publickey). 所以看来手机上的openssh没有启用密码validation。 但在我看来它应该是这样的。 来自手机的/ etc / ssh / sshd_config是默认值:
# Package generated configuration file # See the sshd_config(5) manpage for details # What ports, IPs and protocols we listen for Port 22 # Use these options to restrict which interfaces/protocols sshd will bind to #ListenAddress :: #ListenAddress 0.0.0.0 Protocol 2 # HostKeys for protocol version 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key HostKey /etc/ssh/ssh_host_ecdsa_key HostKey /etc/ssh/ssh_host_ed25519_key #Privilege Separation is turned on for security UsePrivilegeSeparation yes # Lifetime and size of ephemeral version 1 server key KeyRegenerationInterval 3600 ServerKeyBits 1024 # Logging SyslogFacility AUTH LogLevel INFO # Authentication: LoginGraceTime 120 PermitRootLogin without-password StrictModes yes RSAAuthentication yes PubkeyAuthentication yes #AuthorizedKeysFile %h/.ssh/authorized_keys # Don't read the user's ~/.rhosts and ~/.shosts files IgnoreRhosts yes # For this to work you will also need host keys in /etc/ssh_known_hosts RhostsRSAAuthentication no # similar for protocol version 2 HostbasedAuthentication no # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication #IgnoreUserKnownHosts yes # To enable empty passwords, change to yes (NOT RECOMMENDED) PermitEmptyPasswords no # Change to yes to enable challenge-response passwords (beware issues with # some PAM modules and threads) ChallengeResponseAuthentication no # Change to no to disable tunnelled clear text passwords #PasswordAuthentication yes # Kerberos options #KerberosAuthentication no #KerberosGetAFSToken no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes X11Forwarding yes X11DisplayOffset 10 PrintMotd no PrintLastLog yes TCPKeepAlive yes #UseLogin no #MaxStartups 10:30:60 #Banner /etc/issue.net # Allow client to pass locale environment variables AcceptEnv LANG LC_* Subsystem sftp /usr/lib/openssh/sftp-server # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication and # PasswordAuthentication. Depending on your PAM configuration, # PAM authentication via ChallengeResponseAuthentication may bypass # the setting of "PermitRootLogin without-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and ChallengeResponseAuthentication to 'no'. UsePAM yes
我也尝试使用PasswordAuthentication yes (即取消注释,但在我看来,“是”是默认值)。
另外,如果它包含一些我不知道的有用信息,ssh -v:
cameron@cameron-ubuntu:~$ ssh phablet@192.168.99.124 -v OpenSSH_6.6, OpenSSL 1.0.1f 6 Jan 2014 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug1: Connecting to 192.168.99.124 [192.168.99.124] port 22. debug1: Connection established. debug1: identity file /home/cameron/.ssh/id_rsa type -1 debug1: identity file /home/cameron/.ssh/id_rsa-cert type -1 debug1: identity file /home/cameron/.ssh/id_dsa type -1 debug1: identity file /home/cameron/.ssh/id_dsa-cert type -1 debug1: identity file /home/cameron/.ssh/id_ecdsa type -1 debug1: identity file /home/cameron/.ssh/id_ecdsa-cert type -1 debug1: identity file /home/cameron/.ssh/id_ed25519 type -1 debug1: identity file /home/cameron/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.6p1 Ubuntu-2ubuntu1 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-7 debug1: match: OpenSSH_6.6.1p1 Ubuntu-7 pat OpenSSH* compat 0x04000000 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5-etm@openssh.com none debug1: kex: client->server aes128-ctr hmac-md5-etm@openssh.com none debug1: sending SSH2_MSG_KEX_ECDH_INIT debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ECDSA 7f:25:18:85:69:9f:9f:f2:25:e8:93:93:c1:50:56:c6 debug1: Host '192.168.99.124' is known and matches the ECDSA host key. debug1: Found key in /home/cameron/.ssh/known_hosts:16 debug1: ssh_ecdsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Trying private key: /home/cameron/.ssh/id_rsa debug1: Trying private key: /home/cameron/.ssh/id_dsa debug1: Trying private key: /home/cameron/.ssh/id_ecdsa debug1: Trying private key: /home/cameron/.ssh/id_ed25519 debug1: No more authentication methods to try. Permission denied (publickey).
手机上的SSH守护程序随选项一起运行
/usr/sbin/sshd -D -o PasswordAuthentication=no
它会覆盖配置文件中的任何选项。 可能很难改变这一点。
在这种情况下,设置公钥认证可能更容易(也更安全)。 将您的公钥粘贴到/home/phablet/.ssh/authorized_keys2 。 是的,最后有一个2,这让我觉得甚至没有使用/etc/ssh/sshd_config 。
您只需要一种初始登录手机的方法。 尝试使用adb shell或Ubuntu SDK中的Qt Creator中的按钮来启用开发人员模式,设置公钥认证等。
/etc/init/ssh.override是覆盖默认ssh选项的那个。
cat /etc/init/ssh.override manual exec /usr/sbin/sshd -D -o PasswordAuthentication=no
所以你可以从这里删除它。
在手机上安装终端应用程序。 切换到开发人员模式(在设置/关于设备)并设置密码(不是pin)。 运行终端并输入此命令
/ usr / sbin目录/ sshd的
现在,您可以使用计算机中的ssh连接到设备(例如)
使用切换到开发人员模式时放入的密码。 当然,IP地址需要是你手机的IP。 如果您不知道,只需在手机终端中运行ifconfig命令并在wlan界面附近查找IP。
如果您希望下次更容易,请将密钥从计算机复制到移动设备
ssh-copy-id phablet@192.168.1.100
下次您不需要密码,甚至可能禁用开发人员模式。 仍然需要运行ssh服务器,这次使用命令
sudo /etc/init.d/sshd重启