問題描述:ssh err: Server responded "Too many authentication failures for "users"" ...
前一段時間使用SSH Secure Shell Client 工具,採用public key認證方式登錄一切正常;
新增一對密鑰,再次採用public key認證方式登錄,出現以下錯誤(但可以使用密碼認證方式正常登錄):
意思是使用root用戶認證失敗次數過多,無法登錄。
問題分析:
1、檢查配置文件/etc/ssh/sshd_config,無錯誤配置;
2、檢查密鑰都正常導入;
3、重新安裝ssh服務與SSH Secure Shell Client ,問題依舊;
4、使用debugging
使用SSH Secure Shell Client -->Help -->Debugging...
勾選Enable Debugging ,Debug級別3,Debug日誌文件debug_log.txt;
再次登錄,無法登錄,查看Debug日誌(部分內容):
server offers auth methods 'publickey,gssapi-with-mic,password'.
Ssh2AuthPubKeyClient/authc-pubkey.c:1794: Starting pubkey auth...
Ssh2AuthPubKeyClient/authc-pubkey.c:1751: Agent is not running.
Ssh2AuthPubKeyClient/authc-pubkey.c:1549: Got 0 keys from the agent.
Ssh2AuthPubKeyClient/authc-pubkey.c:1666: adding keyfile "C:\Documents and Settings\Administrator\Application Data\SSH\UserKeys\te1auth_key" to candidates
Ssh2AuthPubKeyClient/authc-pubkey.c:1666: adding keyfile "C:\Documents and Settings\Administrator\Application Data\SSH\UserKeys\te2auth_key" to candidates
Ssh2AuthPubKeyClient/authc-pubkey.c:1666: adding keyfile "C:\Documents and Settings\Administrator\Application Data\SSH\UserKeys\te3auth_key" to candidates
Ssh2AuthPubKeyClient/authc-pubkey.c:1666: adding keyfile "C:\Documents and Settings\Administrator\Application Data\SSH\UserKeys\te4auth_key" to candidates
Ssh2AuthPubKeyClient/authc-pubkey.c:1666: adding keyfile "C:\Documents and Settings\Administrator\Application Data\SSH\UserKeys\te5auth_key" to candidates
Ssh2AuthPubKeyClient/authc-pubkey.c:1666: adding keyfile "C:\Documents and Settings\Administrator\Application Data\SSH\UserKeys\te7auth_key" to candidates
Ssh2AuthPubKeyClient/authc-pubkey.c:1666: adding keyfile "C:\Documents and Settings\Administrator\Application Data\SSH\UserKeys\te8auth_key" to candidates
Ssh2AuthPubKeyClient/authc-pubkey.c:1666: adding keyfile "C:\Documents and Settings\Administrator\Application Data\SSH\UserKeys\vm8key" to candidates
Ssh2AuthPubKeyClient/authc-pubkey.c:1529: Trying 8 key candidates.
SshTcp/sshwintcp.c:187: winsock writing 1104
通過Debug日誌分析,SSH Secure Shell Client使用public key方式遠程登錄的過程, 在認證過程中查找認證文件是逐個依次查找的,所以查找了前面的七個,都不是與之相對應的認證文件,所以都沒成功登錄,這樣纔會出現登錄失敗次數過多的提示。找到了登錄失敗的原因之後,問題就好解決了,先刪除其他的認證文件,再登錄,又可以正常登錄了。
總結:出現問題之後,先分析出現問題之前與出現問題之後有什麼改變,把改變的部分與出錯信息聯想起來分析,習慣查看日誌信息,有助於快速解決問題。
附:這個問題困擾了我很多天,在百度、Google沒有搜索到有用的信息,有類似的問題,卻沒有實質性的解決問題。今天通過自己的分析把問題解決了,稍微有點兒欣慰,記下來,希望能幫助遇到此類問題的朋友。