SSH Login ohne Passwort schläft fehl

[AAA]

Hallo,

ich möchte von meinem Ubuntu-Rechner ein ssh-Login ohne PW Abfrage auf das Synology-NAS durchführen.

In der /etc/ssh/sshd_config auf dem NAS sind die entsprechenden Parameter gesetzt

PubkeyAuthentication yes
# RSAAuthentication yes

# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile .ssh/authorized_keys

#AuthorizedPrincipalsFile none

#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody

Ich habe ein Schlüsselpaar unter Ubuntu erstellt (z. B. ssh-keygen -t rsa -b 2048), den Schlüssel auf das NAS übertragen (ssh-copy-id), sie sind auch in der authorized_keys auf dem NAS enthalten, aber der PW-lose Login funktioniert nicht.

ssh -vvvv liefert auf dem Ubuntu-Client (Auszug):

debug1: Next authentication method: publickey
debug1: Offering public key: /home/aa/.ssh/id_rsa RSA SHA256:RDtyKPUkwhfMSL83OS8KRVI/NWXndaOYKM+vo8niuUw agent
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug1: Offering public key: /home/aa/.ssh/id_ed25519 ED25519 SHA256:bH3lKK1mJWQKh4YqA68ZkBOm0so2GXLBDn2MlvCyN1I agent
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password

Auf dem Synology-NAS:

2024-02-02T12:44:26+01:00 Sun sshd[22266]: pam_unix(sshd:session): session closed for user aa
2024-02-02T12:44:41+01:00 Sun sshd[22641]: pam_unix(sshd:session): session opened for user aa by (uid=0)

Woran kann das liegen????

Grüße, AA

 

[plang.pl]

Willkommen hier im Forum!
Hier gibt es eine Anleitung zu dem Thema: https://www.synology-forum.de/threa...-fuer-winscp-gesucht.74476/page-5#post-694440
Ist zwar für WinSCP, der Vorgang mit den Schlüsselpaaren ist aber ja der Gleiche und hier ausschlaggebend

 

[AAA]

Die Anleitungen, die es divers im Intent oder auch hier gibt, kenne ich und habe sie bereits zigmal ausprobiert. Es wäre schön, wenn einer einen Blick auf die logs werfen könnte, um genau zu sagen, was nicht funktioniert.
Gruß, AAA

 

[plang.pl]

Also in den geposteten Logs ist m.M.n. kein Fehler erkennbar

 

[luddi]

Wie sind denn die Rechte für das Verzeichnis .ssh und die Datei authorized_keys gesetzt?
Mit welchem User der NAS möchtest du dich via SSH anmelden?
Ist es ein Administrator oder ein gewöhnlicher User Account ohne Admin Rechte?

 

[AAA]

Danke!

AAA@ABC:~$ ls -al .ssh
total 4
drwx------ 1 AAA users 30 Feb 2 22:48 .
drwxrwxrwx+ 1 AAA users 152 Feb 2 23:17 ..
-rw------- 1 AAA users 514 Feb 2 11:47 authorized_keys

Ich logge mich aber als admin-User per ssh auf dem NAS ein. Könnte das das Problem sein?

 

[luddi]

Die Berechtigungen sehen schon einmal gut aus. Wie sieht es mit dem private key auf dem Host aus? Hat der auch 600?

Als Admin anmelden geht in Ordnung, nur normale User dürfen keine interaktive Shell Session starten.

Wie sieht denn dein Befehl zur Verbindung aus?
Aus dem von dir gezeigten Ausschnitt der Ausgabe geht nicht hervor was passiert.
Nur dass zwei mal versucht wird zu authentifizieren.
Wird am Schluss publickey auth abgelehnt und auf password umgestellt oder bricht die Authentifizierung komplett ab?

 

[AAA]

Das hier ist die komplette Ausgabe:

aaa@SERVER:~$ ssh -vvvv backup_server@aaa.synology.me
OpenSSH_8.9p1 Ubuntu-3ubuntu0.6, OpenSSL 3.0.2 15 Mar 2022
debug1: Reading configuration data /home/aaa/.ssh/config
debug1: /home/aaa/.ssh/config line 1: Applying options for aaa.synology.me
debug1: /home/aaa/.ssh/config line 4: Ignored unknown option "usekeychain"
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/home/aaa/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/home/aaa/.ssh/known_hosts2'
debug2: resolving "aaa.synology.me" port 22
debug3: resolve_host: lookup aaa.synology.me:22
debug3: ssh_connect_direct: entering
debug1: Connecting to aaa.synology.me [91.50.241.122] port 22.
debug3: set_sock_tos: set socket 3 IP_TOS 0x10
debug1: Connection established.
debug1: identity file /home/aaa/.ssh/id_ed25519 type 3
debug1: identity file /home/aaa/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.2
debug1: compat_banner: match: OpenSSH_8.2 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to aaa.synology.me:22 as 'backup_server'
debug3: record_hostkey: found key type ED25519 in file /home/aaa/.ssh/known_hosts:1
debug3: record_hostkey: found key type ECDSA in file /home/aaa/.ssh/known_hosts:2
debug3: load_hostkeys_file: loaded 2 keys from aaa.synology.me
debug1: load_hostkeys: fopen /home/aaa/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug3: order_hostkeyalgs: have matching best-preference key type ssh-ed25519-cert-v01@openssh.com, using HostkeyAlgorithms verbatim
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,sntrup761x25519-sha512@openssh.com,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c,kex-strict-c-v00@openssh.com
debug2: host key algorithms: ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,rsa-sha2-512,rsa-sha2-256
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-ed25519 SHA256:xyzxyz...........................
debug3: record_hostkey: found key type ED25519 in file /home/aaa/.ssh/known_hosts:1
debug3: record_hostkey: found key type ECDSA in file /home/aaa/.ssh/known_hosts:2
debug3: load_hostkeys_file: loaded 2 keys from aaa.synology.me
debug1: load_hostkeys: fopen /home/aaa/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host 'aaa.synology.me' is known and matches the ED25519 host key.
debug1: Found key in /home/aaa/.ssh/known_hosts:1
debug3: send packet: type 21
debug2: ssh_set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: ssh_set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /home/aaa/.ssh/id_ed25519 ED25519 SHA256:xyzxyz.... explicit
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/aaa/.ssh/id_ed25519 ED25519 SHA256:xyzxyz .... explicit
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
backup_server@aaa.synology.me's password:aaa

 

[luddi]

D.h. du gibst den private key beim Verbindungsaufbau nicht explizit an?
Dein Befehl: ssh -vvvv backup_server@aaa.synology.me

Hast du mehrere Private keys auf deinem Host liegen?
Ich würde vorschlagen, dass du einmal den private key explizit dem Befehl hinzufügst:

ssh -vvv -i ~/.ssh/<privatekey> backup_server@aaa.synology.me

 

[AAA]

Mit der Angabe des Schlüssels auch kein besseres Ergebnis:

aaa@CELSIUSSERVER:~$ ssh -vvv -i ~/.ssh/id_ed25519 backup_server@aaa.synology.me
OpenSSH_8.9p1 Ubuntu-3ubuntu0.6, OpenSSL 3.0.2 15 Mar 2022
debug1: Reading configuration data /home/aaa/.ssh/config
debug1: /home/aaa/.ssh/config line 1: Applying options for aaa.synology.me
debug1: /home/aaa/.ssh/config line 4: Ignored unknown option "usekeychain"
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/home/aaa/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/home/aaa/.ssh/known_hosts2'
debug2: resolving "aaa.synology.me" port 22
debug3: resolve_host: lookup aaa.synology.me:22
debug3: ssh_connect_direct: entering
debug1: Connecting to aaa.synology.me [91.50.241.122] port 22.
debug3: set_sock_tos: set socket 3 IP_TOS 0x10
debug1: Connection established.
debug1: identity file /home/aaa/.ssh/id_ed25519 type 3
debug1: identity file /home/aaa/.ssh/id_ed25519-cert type -1
debug1: identity file /home/aaa/.ssh/id_ed25519 type 3
debug1: identity file /home/aaa/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.2
debug1: compat_banner: match: OpenSSH_8.2 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to aaa.synology.me:22 as 'backup_server'
debug3: record_hostkey: found key type ED25519 in file /home/aaa/.ssh/known_hosts:1
debug3: record_hostkey: found key type ECDSA in file /home/aaa/.ssh/known_hosts:2
debug3: load_hostkeys_file: loaded 2 keys from aaa.synology.me
debug1: load_hostkeys: fopen /home/aaa/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug3: order_hostkeyalgs: have matching best-preference key type ssh-ed25519-cert-v01@openssh.com, using HostkeyAlgorithms verbatim
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,sntrup761x25519-sha512@openssh.com,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c,kex-strict-c-v00@openssh.com
debug2: host key algorithms: ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,rsa-sha2-512,rsa-sha2-256
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-ed25519 SHA256:LWJPM87kqI8FUOOO0K4K1yORdaiNoV4fa035jST8/AY
debug3: record_hostkey: found key type ED25519 in file /home/aaa/.ssh/known_hosts:1
debug3: record_hostkey: found key type ECDSA in file /home/aaa/.ssh/known_hosts:2
debug3: load_hostkeys_file: loaded 2 keys from aaa.synology.me
debug1: load_hostkeys: fopen /home/aaa/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host 'aaa.synology.me' is known and matches the ED25519 host key.
debug1: Found key in /home/aaa/.ssh/known_hosts:1
debug3: send packet: type 21
debug2: ssh_set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: ssh_set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /home/aaa/.ssh/id_ed25519 ED25519 SHA256:... explicit
debug1: Will attempt key: /home/aaa/.ssh/id_ed25519 ED25519 SHA256:b-.... explicit
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/aaa/.ssh/id_ed25519 ED25519 SHA256:.... explicit
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug1: Offering public key: /home/aaa/.ssh/id_ed25519 ED25519 SHA256:b... explicit
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
backup_server@aaa.synology.me's password:

und die /var/log/auth.log

2024-02-03T20:21:01+01:00 aaa sshd[30392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.101.88.224 user=root
2024-02-03T20:22:20+01:00 aaa sshd[30589]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.101.88.224 user=root
2024-02-03T20:25:58+01:00 aaa sshd[31039]: pam_unix(sshd:session): session opened for user backup_server by (uid=0)

 

[luddi]

Und dieser sogenannte User backup_server in deinem Auszug ist auch ein Administrator?

 

[AAA]

Ist admin. Sonst würde die "connection refused"

 

[luddi]

Dann kann es nur noch ein Rechteproblem der Dateien sein.