服务器 Gind.cn
  1. 服务器 Gind.cn
  3. 无密码SSH不工作 – 密钥被复制并设置权限
Intereting Posts
将Java进程绑定到虚拟接口 部署DISM的Windows 10应用程序将不会启动 IIS – 错误:未find方法“Microsoft.Web.Administration.SsFlags” 数据库事务复制与远程服务器 从http响应通过nginx反向代理传递cookie 在内部search域中使用TLS NGINX强制non-ssl进行默认连接 当连接closures时,终止PHP进程 使用DD进行磁盘克隆 两个传递信任的森林中的全局编录是否会复制数据? Tomcat的webapps吃了所有的内存 将HTTPS网站迁移到单个IP上的另一个域名 什么版本的Apache,PHP和MySql将Tasksel LAMPP堆栈安装在Ubuntu 14.10中? 在Ubuntu 12.04的/etc/resolv.conf和/ etc / network / interfaces中列出名称服务器有什么区别? 帮助多个用户之间的邮件帐户pipe理

无密码SSH不工作 – 密钥被复制并设置权限

我知道这个问题已经被问到,但我确定我已经做了所有其他答案的build议。

机器A:

  • 使用keygen -t rsa创buildid_rsa.pub〜 / .ssh /
  • 将机器A的id_rsa.pub复制到机器B用户的主目录
  • 取得了id_rsa.pub 600的文件权限

机器B

  • 将Machine A的pub key添加到authorised_keys和authorised_keys2:cat〜 / id_rsa.pub >>〜/ .ssh / authorised_keys2
  • 做了id_rsa.pub 600的文件权限

我也确保了.ssh目录在A和B两台上都有权限700

如果我尝试从机器Alogin到机器B,系统会要求input密码,而不是ssh密码短语。

我有两台机器上的root用户使用无密码的ssh进行对话,但是我不能让一个普通的用户来这样做。

用户名必须是双方相同的? 还是有一些其他的地方我错过了。

机器A是在Windows 7 PC上的VirtualBox内部运行的Ubuntu 10.04虚拟机,机器B是专用的Ubuntu 9.10服务器

更新 :我已经运行ssh选项-vvv ,它提供了许多输出行,但这是最后几个命令: 

debug3: check_host_in_hostfile: filename /home/pete/.ssh/known_hosts debug3: check_host_in_hostfile: match line 1 debug1: Host '192.168.1.19' is known and matches the RSA host key. debug1: Found key in /home/pete/.ssh/known_hosts:1 debug2: bits set: 504/1024 debug1: ssh_rsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug3: Wrote 16 bytes for a total of 1015 debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug3: Wrote 48 bytes for a total of 1063 debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /home/pete/.ssh/identity ((nil)) debug2: key: /home/pete/.ssh/id_rsa (0x7ffe1baab9d0) debug2: key: /home/pete/.ssh/id_dsa ((nil)) debug3: Wrote 64 bytes for a total of 1127 debug1: Authentications that can continue: publickey,password debug3: start over, passed a different list publickey,password debug3: preferred gssapi-keyex,gssapi-with-mic,gssapi,publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Trying private key: /home/pete/.ssh/identity debug3: no such identity: /home/pete/.ssh/identity debug1: Offering public key: /home/pete/.ssh/id_rsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug3: Wrote 368 bytes for a total of 1495 debug1: Authentications that can continue: publickey,password debug1: Trying private key: /home/pete/.ssh/id_dsa debug3: no such identity: /home/pete/.ssh/id_dsa debug2: we did not send a packet, disable method debug3: authmethod_lookup password debug3: remaining preferred: ,password debug3: authmethod_is_enabled password debug1: Next authentication method: password

使用ssh-copy-id复制你的密钥; 它会创build任何必要的文件/目录,并修复任何中断的权限。

文件名必须是: authorized_keys2 ,它应该是chmod 600

 ~/.ssh (700) ~/.ssh/authorized_keys2 (600) ~/.ssh/id_rsa (600) ~/.ssh/id_rsa.pub (644)

*更新* :提供以下输出(来自远程服务器): 

 ls -ld ~/.ssh ~/.ssh/authorized_key*

SELinux是否启用? (使用: getenforce ),你得到EnfrocingEnfrocing