问题
I am trying to find the solution to this and can't understand what I'm doing wrong.
On my linux server I have run the following command:
ssh-keygen -t rsa
This generated an id_rsa and id_rsa.pub file.
I then copied them both locally and attempted to run the following code:
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect('myserver', username='myuser', key_filename='id_rsa')
sftp = ssh.open_sftp()
sftp.chdir('/path/to/file')
sftp.get(file, os.path.join(tmp_dir, '{0}.existing-{1}'.format('myfile', current_datetime)))
except Exception, err:
logging.debug(err)
logging.info('Error connecting to Host')
I get the following error in my log:
2017-08-22 22:41:54,486 Switch to new keys ...
2017-08-22 22:41:54,502 Adding ssh-ed25519 host key for myserver.domain.com: 51ac2fe875499371256dd8c5a132f394
2017-08-22 22:41:54,502 Trying key 7688e32d30edb2c94bfe39be9897004f from id_rsa
2017-08-22 22:41:54,532 userauth is OK
2017-08-22 22:41:54,549 Authentication (publickey) failed.
2017-08-22 22:41:54,563 not a valid OPENSSH private key file
2017-08-22 22:41:54,563 Error connecting to Host
2017-08-22 22:41:54,657 EOF in transport thread
am I missing something? It is a valid OPENSSH private key file.
edit - if I use the id_rsa.pub I get the following:
2017-08-22 22:58:09,631 Kex agreed: ecdh-sha2-nistp256
2017-08-22 22:58:09,631 HostKey agreed: ssh-ed25519
2017-08-22 22:58:09,631 Cipher agreed: aes128-ctr
2017-08-22 22:58:09,631 MAC agreed: hmac-sha2-256
2017-08-22 22:58:09,631 Compression agreed: none
2017-08-22 22:58:09,694 kex engine KexNistp256 specified hash_algo <built-in function openssl_sha256>
2017-08-22 22:58:09,710 Switch to new keys ...
2017-08-22 22:58:09,726 Adding ssh-ed25519 host key for myserver.domain.com: 51ac2fe875499371256dd8c5a132f394
2017-08-22 22:58:09,726 not a valid OPENSSH private key file
2017-08-22 22:58:09,726 Error connecting to Host
2017-08-22 22:58:09,819 EOF in transport thread
wth?
回答1:
I have a paramiko rsa key authentication setup running, here is a summary of what I did:
run ssh-keygen -t rsa to generate the id_rsa and id_rsa.pub files
copy contents of id_rsa.pub into ~/.ssh/authorized_keys (on the target system)
copy the id_rsa (private) keyfile onto the client machine
- (on the target I have mode 755 on .ssh/ and 644 on authorized_keys)
The following code runs a login using paramiko:
import logging
import paramiko
logger = paramiko.util.logging.getLogger()
hdlr = logging.FileHandler('app.log')
formatter = logging.Formatter('%(asctime)s %(levelname)s %(message)s')
hdlr.setFormatter(formatter)
logger.addHandler(hdlr)
logger.setLevel(logging.INFO)
try:
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
k = paramiko.RSAKey.from_private_key_file('id_rsa')
ssh.connect('160.100.28.216', username='edwards', pkey = k)
sftp = ssh.open_sftp()
sftp.chdir('/home/edwards')
except Exception, err:
logging.debug(err)
logging.info('Error connecting to Host')
The following is seen in the app.log file:
2017-08-23 16:52:33,154 INFO Connected (version 2.0, client OpenSSH_6.6.1)
2017-08-23 16:52:46,926 INFO Authentication (publickey) successful!
2017-08-23 16:52:47,203 INFO [chan 0] Opened sftp connection (server version 3)
(NB the paramiko client is using the private key file.) This is all on Python 2.7. I hope some or all of this may be useful.
回答2:
You can convert id_rsa to RSA type private key with ssh-keygen. I faced the similar situation and it worked for me.
To Convert "BEGIN OPENSSH PRIVATE KEY" to "BEGIN RSA PRIVATE KEY"
ssh-keygen -p -m PEM -f ~/.ssh/id_rsa
来源:https://stackoverflow.com/questions/45829838/paramiko-connect-with-private-key-not-a-valid-openssh-private-public-key-fil