配置新的 Digital Ocean droplet 使用 SSH 密钥。当我运行 ssh-copy-id
时,我得到以下输出:
ssh-copy-id user@012.345.67.89
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
sign_and_send_pubkey: signing failed: agent refused operation
user@012.345.67.89's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'user@012.345.67.89'"
and check to make sure that only the key(s) you wanted were added.
但是,当我尝试进行ssh连接时,发生了这种情况:
ssh user@012.345.67.89
sign_and_send_pubkey: signing failed: agent refused operation
user@012.345.67.89's password:
输入密码后,我可以正常登录,但这显然违背了首次创建SSH密钥的初衷。我决定查看服务器端的ssh-agent,以下是我得到的结果:
user@012.345.67.89:~# eval `ssh-agent -s`
Agent pid 5715
user@012.345.67.89:~# ssh-add -l
The agent has no identities.
user/.ssh/authorized_keys中也包含一个ssh-rsa键入条目,但是find -name "keynamehere"
返回为空。
gpg-agent
来进行 SSH 功能,但这未完全解决问题。我已经在gpg-agent.conf
中添加了enable-ssh-support
,但仍然出现相同的错误信息。我在邮件列表上找到了一个解决方法:运行gpg-connect-agent updatestartuptty /bye
。参考链接:https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=835394 - Rolandssh-add
命令,让ssh-agent
意识到新的私钥(参见https://linux.die.net/man/1/ssh-agent)。 - alex