我试图在组织远程服务器上获得一些博客软件。 我试图build立一个SSH密钥,但遇到了问题,并决定让博客启动和运行比处理SSH密钥问题更重要,所以我ssh-keygen -R remoteserver.com 。
现在我可以用ssh -v [email protected]和正确的密码成功login。 一旦login,我可以四处移动,阅读任何文件和目录,我应该能够阅读。
但是当我尝试用VIM编辑现有的-rw-r--r--文件时,它显示为只读,如果我尝试编辑权限,则获取chmod: file.ext: Operation not permitted ,如果我尝试从本地机器scp一个新的文件提示input远程用户的密码,然后得到scp: /home/path/to/file.ext: Permission denied 。
由于在尝试设置ssh密钥之前,我没有遇到这些问题,所以我怀疑这些exception是这个问题的一个副作用,但我不知道如何解决这个问题。 那么,像我这样的愚蠢的服务器newb需要做什么才能让远程用户获得编辑能力呢?
我的用户标识在我的本地机器和远程服务器之间是不同的。
ssh -v [email protected] 。
whoami我得到remoteuser file.ext从本地目录scp file.ext [email protected]:/path/to/file.ext 。
whoami我得到localuser 两个不同的文件ls -l我试过scp:
-rw-r--r--@ 1 localuser localgroup 20 Feb 11 21:03 phpinfo.php -rw-r--r-- 1 root localgroup 4 Feb 11 22:32 test.txt
我试过VIM的文件ls -l :
-rw-r--r-- 1 remoteuser remotegroup 76 Jul 27 2009 info.txt
在过去,我为git存储库设置了ssh-keys。 我不想完全摧毁它们,所以为了跟随一头鹿的思路,我把我的~/.ssh/改名为~/.ssh-bak/ ,然后testing了不同types的访问。 terminal命令和结果的缩写版本如下所示。 我想所有的事情都是从第八行开始的。
ssh -v
localcomputer:~ localuser$ ssh -v [email protected] OpenSSH_5.2p1, OpenSSL 0.9.8l 5 Nov 2009 debug1: Reading configuration data /etc/ssh_config debug1: Connecting to remoteserver.com [###.###.###.###] port 22. debug1: Connection established. debug1: identity file /Users/localuser/.ssh/identity type -1 debug1: identity file /Users/localuser/.ssh/id_rsa type -1 debug1: identity file /Users/localuser/.ssh/id_dsa type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8p2 FreeBSD-20110503 debug1: match: OpenSSH_5.8p2 FreeBSD-20110503 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.2 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY The authenticity of host 'remoteserver.com (###.###.###.###)' can't be established. RSA key fingerprint is ##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'remoteserver.com,###.###.###.###' (RSA) to the list of known hosts. debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password debug1: Next authentication method: publickey debug1: Trying private key: /Users/localuser/.ssh/identity debug1: Trying private key: /Users/localuser/.ssh/id_rsa debug1: Trying private key: /Users/localuser/.ssh/id_dsa debug1: Next authentication method: password [email protected]'s password: debug1: Authentication succeeded (password). debug1: channel 0: new [client-session] debug1: Requesting [email protected] debug1: Entering interactive session. Last login: Sun Feb 12 18:00:54 2012 from 68.69.164.123 FreeBSD 6.4-RELEASE-p8 (VKERN) #1 r101746: Mon Aug 30 10:34:40 MDT 2010
远程权限
[remoteuser@remoteserver /home]$ ls -l total ### -rw-r--r-- 1 remoteuser remotegroup 76 Aug 12 2009 info.txt [remoteuser@remoteserver /home]$ vim info.txt ~ {at the bottom of the VIM screen it tells me it's [read only]} [remoteuser@remoteserver /home]$ whoami remoteuser [remoteuser@remoteserver /home]$ logout debug1: client_input_channel_req: channel 0 rtype exit-status reply 0 debug1: client_input_channel_req: channel 0 rtype [email protected] reply 0 debug1: channel 0: free: client-session, nchannels 1 Connection to remoteserver.com closed. Transferred: sent 3872, received 12496 bytes, in 107.4 seconds Bytes per second: sent 36.1, received 116.4 debug1: Exit status 0
scp -v
localcomputer:localdirectory name$ scp -v phpinfo.php [email protected]:/home/www/remotedirectory/phpinfo.php Executing: program /usr/bin/ssh host remoteserver.com, user remoteuser, command scp -v -t /home/www/remotedirectory/phpinfo.php OpenSSH_5.2p1, OpenSSL 0.9.8l 5 Nov 2009 debug1: Reading configuration data /etc/ssh_config debug1: Connecting to remoteserver.com [###.###.###.###] port 22. debug1: Connection established. debug1: identity file /Users/localuser/.ssh/identity type -1 debug1: identity file /Users/localuser/.ssh/id_rsa type -1 debug1: identity file /Users/localuser/.ssh/id_dsa type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8p2 FreeBSD-20110503 debug1: match: OpenSSH_5.8p2 FreeBSD-20110503 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.2 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 'remoteserver.com' is known and matches the RSA host key. debug1: Found key in /Users/localuser/.ssh/known_hosts:1 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password debug1: Next authentication method: publickey debug1: Trying private key: /Users/localuser/.ssh/identity debug1: Trying private key: /Users/localuser/.ssh/id_rsa debug1: Trying private key: /Users/localuser/.ssh/id_dsa debug1: Next authentication method: password [email protected]'s password: debug1: Authentication succeeded (password). debug1: channel 0: new [client-session] debug1: Requesting [email protected] debug1: Entering interactive session. debug1: Sending command: scp -v -t /home/www/remotedirectory/phpinfo.php Sending file modes: C0644 20 phpinfo.php Sink: C0644 20 phpinfo.php scp: /home/www/remotedirectory/phpinfo.php: Permission denied debug1: client_input_channel_req: channel 0 rtype exit-status reply 0 debug1: channel 0: free: client-session, nchannels 1 debug1: fd 0 clearing O_NONBLOCK debug1: fd 1 clearing O_NONBLOCK Transferred: sent 1456, received 2160 bytes, in 0.6 seconds Bytes per second: sent 2322.3, received 3445.1 debug1: Exit status 1
这纯粹是一个权限问题。 “remoteserver”上的用户“remoteuser”没有将文件写入/home/www/remotedirectory/phpinfo.php权限。 在你的scp -v ..命令输出中看到这个错误:
debug1: Sending command: scp -v -t /home/www/remotedirectory/phpinfo.php Sending file modes: C0644 20 phpinfo.php Sink: C0644 20 phpinfo.php scp: /home/www/remotedirectory/phpinfo.php: Permission denied debug1: client_input_channel_req: channel 0 rtype exit-status reply 0 debug1: channel 0: free: client-session, nchannels 1
你可以通过ssh到“remoteserver”来确认这一点,就像你最初一样,并尝试touch这个目录中的一个文件:
$ ssh remoteuser@remoteserver
在远程服务器上
$ touch /home/www/remotedirectory/afile touch: cannot touch '/home/www/remotedirectory/afile': Permission denied
你可以用这个命令看到这个目录的所有权:
$ ls -ld /home/www/remotedirectory drwxrwx---. 125 someuser somegroup 16384 Feb 22 14:03 /home/www/remotedirectory
所以你需要改变这里的权限,或者把“remoteuser”添加到组“somegroup”。
您在远程主机上的用户帐户可能没有对/home/www/remotedirectory/目录的写入权限。 你可以通过运行来testing这个:
scp -v phpinfo.php [email protected]:/tmp/phpinfo.php
一旦确认这个工作,您可以设置该目录的权限和/或所有权。 对于一个快速修复, chmod 777 /home/www/remotedirectory/作为根可以工作,但这不是一个安全的解决scheme。 根据服务器的使用方式,更好的办法是使用chgrp将目录的组更改为您希望所有作者进入该目录的组,并且chmod g+w /home/www/remotedirectory/
以及我认为你最好的select是让它与键的工作,但这里有2个选项
尝试删除~/.ssh/authorized-keys目录,或者整个~/.ssh/以去掉剩余的关键字
尝试正确设置密钥,并没有密码的乐趣! https://blogs.oracle.com/jkini/entry/how_to_scp_scp_and