ssh nie można użyć pliku config IdentityFile w ~/.ssh/config

Question

klienta: Mac 10.8, Serwer: Ubuntu 10.04 LTS 64bit

używam 'ssh-keygen -t rsa' generowania kluczy publicznych/prywatnych.

Po pierwsze, wejście: ssh -i /Users/phenix/.ssh/poponet_rsa root@popo.net, mogę się zalogować do serwera z klucza prywatnego 'poponet_rsa'

Następnie tworzę plik konfiguracyjny: /Users/phenix/.ssh/config, z zawartością:

Host popo 
    Hostname popo.net 
    User root 
    PreferredAuthentications publickey 
    IdentityFile /Users/phenix/.ssh/poponet_rsa 

i wejście ssh root@popo.net, terminal zadać mi hasło.

Następnie zmienić poponet_rsa nazwa pliku do id_rsa, a wejście ssh root@popo.net, OK, mogę się zalogować.

Moje pytanie: ssh nie może używać konfiguracji IdentityFile w pliku ~/.ssh/config, dlaczego?

$ ssh -vvv root@popo.net 
OpenSSH_5.9p1, OpenSSL 0.9.8r 8 Feb 2011 
debug1: Reading configuration data /Users/phenix/.ssh/config 
debug1: /Users/phenix/.ssh/config line 1: Applying options for popo.net 
debug1: /Users/phenix/.ssh/config line 2: Applying options for popo.net 
debug1: Reading configuration data /etc/ssh_config 
debug1: /etc/ssh_config line 20: Applying options for * 
debug2: ssh_connect: needpriv 0 
debug1: Connecting to popo.net [111.111.111.111] port 22. 
debug1: Connection established. 
debug3: Incorrect RSA1 identifier 
debug3: Could not load "/Users/phenix/.ssh/id_rsa" as a RSA1 public key 
debug1: identity file /Users/phenix/.ssh/id_rsa type -1 
debug1: identity file /Users/phenix/.ssh/id_rsa-cert type -1 
debug1: identity file /Users/phenix/.ssh/id_dsa type -1 
debug1: identity file /Users/phenix/.ssh/id_dsa-cert type -1 
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3p1 Debian-3ubuntu7 
debug1: match: OpenSSH_5.3p1 Debian-3ubuntu7 pat OpenSSH* 
debug1: Enabling compatibility mode for protocol 2.0 
debug1: Local version string SSH-2.0-OpenSSH_5.9 
debug2: fd 3 setting O_NONBLOCK 
debug3: load_hostkeys: loading entries for host "popo.net" from file "/Users/phenix/.ssh/known_hosts" 
debug3: load_hostkeys: found key type RSA in file /Users/phenix/.ssh/known_hosts:1 
debug3: load_hostkeys: loaded 1 keys 
debug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-rsa-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-rsa 
debug1: SSH2_MSG_KEXINIT sent 
debug1: SSH2_MSG_KEXINIT received 
debug2: kex_parse_kexinit: **too much init, i delete them.** 
debug2: mac_setup: found hmac-md5 
debug1: kex: server->client aes128-ctr hmac-md5 none 
debug2: mac_setup: found hmac-md5 
debug1: kex: client->server aes128-ctr hmac-md5 none 
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent 
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP 
debug2: dh_gen_key: priv key bits set: 135/256 
debug2: bits set: 468/1024 
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent 
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY 
debug1: Server host key: RSA xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx 
debug3: load_hostkeys: loading entries for host "popo.net" from file "/Users/phenix/.ssh/known_hosts" 
debug3: load_hostkeys: found key type RSA in file /Users/phenix/.ssh/known_hosts:1 
debug3: load_hostkeys: loaded 1 keys 
debug3: load_hostkeys: loading entries for host "111.111.111.111" from file "/Users/phenix/.ssh/known_hosts" 
debug3: load_hostkeys: found key type RSA in file /Users/phenix/.ssh/known_hosts:1 
debug3: load_hostkeys: loaded 1 keys 
debug1: Host 'popo.net' is known and matches the RSA host key. 
debug1: Found key in /Users/phenix/.ssh/known_hosts:1 
debug2: bits set: 516/1024 
debug1: ssh_rsa_verify: signature correct 
debug2: kex_derive_keys 
debug2: set_newkeys: mode 1 
debug1: SSH2_MSG_NEWKEYS sent 
debug1: expecting SSH2_MSG_NEWKEYS 
debug2: set_newkeys: mode 0 
debug1: SSH2_MSG_NEWKEYS received 
debug1: Roaming not allowed by server 
debug1: SSH2_MSG_SERVICE_REQUEST sent 
debug2: service_accept: ssh-userauth 
debug1: SSH2_MSG_SERVICE_ACCEPT received 
debug2: key: /Users/phenix/.ssh/id_rsa (0x0) 
debug2: key: /Users/phenix/.ssh/id_dsa (0x0) 
debug1: Authentications that can continue: publickey,password 
debug3: start over, passed a different list publickey,password 
debug3: preferred publickey,keyboard-interactive,password 
debug3: authmethod_lookup publickey 
debug3: remaining preferred: keyboard-interactive,password 
debug3: authmethod_is_enabled publickey 
debug1: Next authentication method: publickey 
debug1: Trying private key: /Users/phenix/.ssh/id_rsa 
debug1: key_parse_private_pem: PEM_read_PrivateKey failed 
debug1: read PEM private key done: type <unknown> 
debug2: no passphrase given, try next key 
debug1: Trying private key: /Users/phenix/.ssh/id_dsa 
debug3: no such identity: /Users/phenix/.ssh/id_dsa 
debug2: we did not send a packet, disable method 
debug3: authmethod_lookup password 
debug3: remaining preferred: ,password 
debug3: authmethod_is_enabled password 
debug1: Next authentication method: password 
root@popo.net's password: 

Answer 1

Jeśli ~/.ssh/config jest wszystko w jednej linii (jak Twój post wskazuje) tak:

Host popo Hostname popo.net User root PreferredAuthentications publickey IdentityFile /Users/phenix/.ssh/poponet_rsa 

wtedy, że nie będzie działać. Trzeba podzielić każdej dyrektywy na własnej linii, tak:

Host popo 
Hostname popo.net 
User root 
PreferredAuthentications publickey 
IdentityFile /Users/phenix/.ssh/poponet_rsa 

Answer 2

Nie sądzę, że odpowiedź jest rzeczywisty na pytanie Autora, ale google powrót ten temat w pierwszej stronie.

Mam podobny problem. Kluczowe linie w logu:

debug3: Incorrect RSA1 identifier 
debug3: Could not load "/Users/phenix/.ssh/id_rsa" as a RSA1 public key 

, więc ssh nie wie o twoim poppet.key. W moim przypadku wystąpił błąd w nazwie pliku.

Polecam podwójnie sprawdzić nazwy kluczy w ~/.ssh/config.

Answer 3

Znalazłem odpowiedź na mój problem tutaj: https://superuser.com/a/436015.

W skrócie, należy podać na hoście lub konfiguracji globalnego klienta SSH, ponieważ w przeciwnym razie można również wypróbować nieokreślone klucze, w tym klucze w numerze ssh-agent, jeśli jest uruchomiony.