1

当我使用 RSA 密钥和 ssh 配置文件通过 Fabric 连接到多个服务器时出现错误。我的客户是雪豹 10.6.8,带有 python 2.7.2、Fabric 1.4.0、ssh(库)1.7.13。我使用多个带有密码的 RSA 密钥(不使用密码是不可能的)。我将密码添加到 ssh-add。我可以毫无问题地通过 ssh 连接到我的所有服务器。我将 env.use_ssh_config = True 添加到我的 fab 文件中以读取我的 ssh 配置文件。

当我使用 RSA 密钥(带有密码)连接到一台服务器时,一切正常。

但是当我连接到 2 台或更多主机时,我不断收到第二台服务器的“登录密码”。

fab -H server1,server2 test
[server1] Executing task 'test'
[server1] run: uname -s
[server1] out: Linux

[server2] Executing task 'test'
[server2] run: uname -s
[server2] Login password:

我的fabfile

from fabric.api import *
import ssh
ssh.util.log_to_file("paramiko.log", 10)

env.use_ssh_config = True

def test():
    run('uname -s')

我的 ssh 配置文件

Host server1
HostName xx.xx.xx.xx
Port 6666
User AB1
HashKnownHosts yes
PreferredAuthentications publickey
AddressFamily inet    

Host server2
HostName xx.xx.xx.xx
Port 6666
User BC2
HashKnownHosts yes
PreferredAuthentications publickey
AddressFamily inet

在我的 ssh 配置文件中,我尝试删除“HashKnownHosts yes”,但这并没有改变任何东西。

paramiko.log

DEB [20120329-17:33:30.747] thr=1   ssh.transport: starting thread (client mode): 0x1382350L
INF [20120329-17:33:30.769] thr=1   ssh.transport: Connected (version 2.0, client OpenSSH_4.3)
DEB [20120329-17:33:30.786] thr=1   ssh.transport: kex algos:['diffie-hellman-group-exchange-sha1', 'diffie-hellman-group14-sha1', 'diffie-hellman-group1-sha1'] server key:['ssh-rsa', 'ssh-dss'] client encrypt:['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'arcfour256', 'arcfour128', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc', 'arcfour', 'rijndael-cbc@lysator.liu.se'] server encrypt:['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'arcfour256', 'arcfour128', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc', 'arcfour', 'rijndael-cbc@lysator.liu.se'] client mac:['hmac-md5', 'hmac-sha1', 'hmac-ripemd160', 'hmac-ripemd160@openssh.com', 'hmac-sha1-96', 'hmac-md5-96'] server mac:['hmac-md5', 'hmac-sha1', 'hmac-ripemd160', 'hmac-ripemd160@openssh.com', 'hmac-sha1-96', 'hmac-md5-96'] client compress:['none', 'zlib@openssh.com'] server compress:['none', 'zlib@openssh.com'] client lang:[''] server lang:[''] kex follows?False
DEB [20120329-17:33:30.786] thr=1   ssh.transport: Ciphers agreed: local=aes128-ctr, remote=aes128-ctr
DEB [20120329-17:33:30.786] thr=1   ssh.transport: using kex diffie-hellman-group1-sha1; server key type ssh-rsa; cipher: local aes128-ctr, remote aes128-ctr; mac: local hmac-sha1, remote hmac-sha1; compression: local none, remote none
DEB [20120329-17:33:30.866] thr=1   ssh.transport: Switch to new keys ...
DEB [20120329-17:33:30.875] thr=2   ssh.transport: Trying SSH agent key ar8298z4c935cde079ef98763678ecc5
DEB [20120329-17:33:30.935] thr=1   ssh.transport: userauth is OK
INF [20120329-17:33:31.017] thr=1   ssh.transport: Authentication (publickey) failed.
DEB [20120329-17:33:31.039] thr=2   ssh.transport: Trying SSH agent key 0273aff478dddddd05378738dhe98798
DEB [20120329-17:33:31.055] thr=1   ssh.transport: userauth is OK
INF [20120329-17:33:31.135] thr=1   ssh.transport: Authentication (publickey) successful!
DEB [20120329-17:33:31.140] thr=2   ssh.transport: [chan 1] Max packet in: 34816 bytes
DEB [20120329-17:33:31.159] thr=1   ssh.transport: [chan 1] Max packet out: 32768 bytes
INF [20120329-17:33:31.159] thr=1   ssh.transport: Secsh channel 1 opened.
DEB [20120329-17:33:31.189] thr=1   ssh.transport: [chan 1] Sesch channel 1 request ok
DEB [20120329-17:33:31.218] thr=1   ssh.transport: [chan 1] Sesch channel 1 request ok
DEB [20120329-17:33:31.237] thr=1   ssh.transport: [chan 1] EOF received (1)
DEB [20120329-17:33:31.237] thr=1   ssh.transport: [chan 1] EOF sent (1)
DEB [20120329-17:33:31.275] thr=3   ssh.transport: starting thread (client mode): 0x10f9050L
INF [20120329-17:33:32.126] thr=3   ssh.transport: Connected (version 2.0, client OpenSSH_5.3)
DEB [20120329-17:33:32.156] thr=3   ssh.transport: kex algos:['diffie-hellman-group-exchange-sha256', 'diffie-hellman-group-exchange-sha1', 'diffie-hellman-group14-sha1', 'diffie-hellman-group1-sha1'] server key:['ssh-rsa', 'ssh-dss'] client encrypt:['blowfish-cbc', 'aes256-cbc', 'aes256-ctr'] server encrypt:['blowfish-cbc', 'aes256-cbc', 'aes256-ctr'] client mac:['hmac-sha1', 'hmac-sha1-96'] server mac:['hmac-sha1', 'hmac-sha1-96'] client compress:['none', 'zlib@openssh.com', 'zlib'] server compress:['none', 'zlib@openssh.com', 'zlib'] client lang:[''] server lang:[''] kex follows?False
DEB [20120329-17:33:32.156] thr=3   ssh.transport: Ciphers agreed: local=aes256-ctr, remote=aes256-ctr
DEB [20120329-17:33:32.156] thr=3   ssh.transport: using kex diffie-hellman-group1-sha1; server key type ssh-rsa; cipher: local aes256-ctr, remote aes256-ctr; mac: local hmac-sha1, remote hmac-sha1; compression: local none, remote none
DEB [20120329-17:33:32.209] thr=3   ssh.transport: Switch to new keys ...
DEB [20120329-17:33:32.243] thr=2   ssh.transport: Trying SSH agent key ar8298z4c935cde079ef98763678ecc5
DEB [20120329-17:33:32.307] thr=3   ssh.transport: userauth is OK
INF [20120329-17:33:32.426] thr=3   ssh.transport: Authentication (publickey) failed.
DEB [20120329-17:33:32.444] thr=2   ssh.transport: Trying SSH agent key 0273aff478dddddd05378738dhe98798
DEB [20120329-17:33:32.476] thr=3   ssh.transport: userauth is OK
INF [20120329-17:33:32.570] thr=3   ssh.transport: Authentication (publickey) failed.
DEB [20120329-17:33:32.578] thr=2   ssh.transport: Trying SSH agent key 7382deeeee873897883ccc9878972878
DEB [20120329-17:33:32.608] thr=3   ssh.transport: userauth is OK
INF [20120329-17:33:32.702] thr=3   ssh.transport: Authentication (publickey) failed.
DEB [20120329-17:33:32.711] thr=2   ssh.transport: Trying SSH agent key 98792098cccccccccccceeeeeeee9878
DEB [20120329-17:33:32.743] thr=3   ssh.transport: userauth is OK
INF [20120329-17:33:32.843] thr=3   ssh.transport: Authentication (publickey) failed.

两台服务器的 SSH 代理密钥 0273aff478dddddd05378738dhe98798 相同。它在第一台服务器上连接,但在第二台服务器上失败。我尝试以不同的顺序使用不同的服务器,但我总是遇到同样的问题,即面料要求第二台服务器的密码。

我怎样才能解决这个问题?

谢谢

4

1 回答 1

1

将 use_ssh_config 选项设置为 true,应该会选择用户名。您可以通过在 python repl 中运行这些行来测试它。

于 2012-04-26T00:42:00.547 回答