个人中心
gpt4 book ai didi

macos - 为什么这个 erlang ssh 守护进程响应 'no hostkey alg' ?

转载 作者:行者123 更新时间:2023-12-02 12:57:54 25 4
gpt4 key购买 nike

我对 OTP ssh 守护进程实现的行为有点困惑,我想知道是否有人可以帮我解决问题。预赛;我有以下程序:

-module(sshd).

-export([start/0, stop/1]).

-spec start() -> {ok, ssh:ssh_daemon_ref()} | {error, atom()}.
start() ->
    _ = application:start(crypto),
    _ = application:start(ssh),

    Opts = [
            {system_dir, "/etc/erl_sshd/"},
            {pwdfun, fun passwd/2}
           ],

    ssh:daemon(2222, Opts).

-spec stop(ssh:ssh_daemon_ref()) -> ok.
stop(Ref) ->
    ssh:stop_daemon(Ref).

%% ===================================================================                  
%%  Internal Functions                                                                  
%% ===================================================================                  

-spec passwd(User::string(), Password::string()) -> boolean().
passwd(User, User) ->
    true;
passwd(_User, _Password) ->
    false.

并已在磁盘上创建了 /tmp/erl_sshd,如下所示:

> mkdir /tmp/erl_sshd
> ssh-keygen -t rsa -f /tmp/erl_sshd/ssh_host_rsa_key
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /tmp/erl_sshd/ssh_host_rsa_key.
Your public key has been saved in /tmp/erl_sshd/ssh_host_rsa_key.pub.
The key fingerprint is:
...

使用 OpenSSHd 进行测试:

> /usr/sbin/sshd -p 2222 -h /tmp/erl_sshd/ssh_host_rsa_key -d   
debug1: sshd version OpenSSH_5.6p1
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug1: setgroups() failed: Operation not permitted
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-p'
debug1: rexec_argv[2]='2222'
debug1: rexec_argv[3]='-h'
debug1: rexec_argv[4]='/tmp/erl_sshd/ssh_host_rsa_key'
debug1: rexec_argv[5]='-d'
debug1: Bind to port 2222 on 0.0.0.0.
Server listening on 0.0.0.0 port 2222.
debug1: Bind to port 2222 on ::.
Server listening on :: port 2222.

我可以得到提示,没有问题:

> ssh localhost -p 2222 -v
OpenSSH_5.6p1, OpenSSL 0.9.8r 8 Feb 2011
debug1: Reading configuration data /etc/ssh_config
debug1: Applying options for *
debug1: Applying options for *
debug1: Connecting to localhost [::1] port 2222.
debug1: Connection established.
debug1: identity file /Users/blt/.ssh/id_rsa type 1
debug1: identity file /Users/blt/.ssh/id_rsa-cert type -1
debug1: identity file /Users/blt/.ssh/id_dsa type -1
debug1: identity file /Users/blt/.ssh/id_dsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.6
debug1: match: OpenSSH_5.6 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.6
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: checking without port identifier
The authenticity of host '[localhost]:2222 ([::1]:2222)' can't be established.
RSA key fingerprint is 01:0e:c6:0b:f4:48:ab:0a:49:2a:66:38:27:67:8f:52.
Are you sure you want to continue connecting (yes/no)? ^C

但是当我启动 erlang sshd 时:

> erl
Erlang R15B03 (erts-5.9.3) [source] [64-bit] [smp:8:8] [async-threads:0] [hipe] [kernel-poll:false]

Eshell V5.9.3  (abort with ^G)
1> c(sshd), {ok, Ref} = sshd:start().
{ok,<0.49.0>}
2>

运气不好:

> ssh localhost -p 2222 -v                                    
OpenSSH_5.6p1, OpenSSL 0.9.8r 8 Feb 2011
debug1: Reading configuration data /etc/ssh_config
debug1: Applying options for *
debug1: Applying options for *
debug1: Connecting to localhost [::1] port 2222.
debug1: Connection established.
debug1: identity file /Users/blt/.ssh/id_rsa type 1
debug1: identity file /Users/blt/.ssh/id_rsa-cert type -1
debug1: identity file /Users/blt/.ssh/id_dsa type -1
debug1: identity file /Users/blt/.ssh/id_dsa-cert type -1
debug1: Remote protocol version 2.0, remote software version Erlang
debug1: no match: Erlang
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.6
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-sha1 none
debug1: kex: client->server aes128-cbc hmac-sha1 none
no hostkey alg

除了创建用户之外,我还执行了 User Guide 中概述的相同步骤。并涵盖了与 this question 相同的领域。我使用的是 OS X 系统:

> sw_vers
ProductName:    Mac OS X
ProductVersion: 10.7.5
BuildVersion:   11G63

如果我以 root 用户身份运行 erlang shell 并将 system_dir 重定向到 /etc ,一切都会按预期进行。其他人清楚发生了什么吗?也许 erlang 默默地出错了 /tmp/erl_sshd 目录的用户权限?我之前已经打开了 sasl 应用程序,但输出中没有任何内容让我觉得相关。

最佳答案

看起来在设置{system_dir, "/etc/erl_sshd/"}时它实际上应该是/tmp/erl_sshd/。您已将所有守护程序文件添加到 /tmp/erl_sshd。运行 OpenSSH 时,您还可以使用 /tmp/erl_sshd 以及正确的文件。

关于macos - 为什么这个 erlang ssh 守护进程响应 'no hostkey alg' ?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/17312981/

25 4 0
文章推荐: 方法文档中的 Kotlin 静态字段值?
文章推荐: java - 如何使用Camel Apache计时器组件
文章推荐: kotlin - 了解Kotlin中的辅助构造函数
文章推荐: java - 如何仅在移动开关时重置?
行者123
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com