servera機器已經生產rsa金鑰
且已經將public key新增到serverb機器/root/.ssh/authorized_keys
但是ssh [email protected]機器時仍然需要輸入密碼,即無密碼認證失敗
分析與處理:
用ssh -v debug訪問,日誌如下,但是從日誌看不到失敗原因,只知道在用publickey認證時,對端沒有reply;
通過檢視serverb機器/var/log/secure,發現報錯如下
jan 8 13:31:34 wng-141 sshd[32366]: authentication refused: bad ownership or modes for directory /root
jan 8 13:31:34 wng-141 sshd[32367]: connection closed by 135.251.218.231
發現所有使用者的home目錄應該是700許可權,否則會引起很多問題,這個問題同樣是由於這個原因
(3)修改許可權(需要修改~/.ssh資料夾和authorized_keys檔案的,不然會報不允許的錯誤或者無法出現know_hosts檔案)
chmod 700 ~/.ssh
chmod 700 ~/.ssh/authorized_keys
700~/
.ssh
chmod
700~/
.ssh
/authorized_keys
最終,執行chmod 700 root後解決
feb 9 11:02:52 centoshostnamekl1 su: pam_unix(su:session): session opened for user root by wangshumin(uid=500)
feb 10 17:40:16 centoshostnamekl1 su: pam_unix(su:session): session closed for user root
feb 10 17:40:16 centoshostnamekl1 su: pam_unix(su:session): session closed for user root
feb 10 17:40:16 centoshostnamekl1 su: pam_unix(su:session): session closed for user root
feb 10 17:50:06 centoshostnamekl1 sudo: wangshumin : tty=pts/2 ; pwd=/home/wangshumin/zookeeper/zookeeper-3.4.5/bin ; user=root ; command=/usr/bin/vim /etc/profile
feb 10 19:29:01 centoshostnamekl1 sshd[30650]: authentication refused: bad ownership or modes for directory /home/wangshumin
feb 10 19:35:16 centoshostnamekl1 sshd[31014]: authentication refused: bad ownership or modes for directory /home/wangshumin
feb 10 19:35:26 centoshostnamekl1 sshd[31014]: failed password for wangshumin from 192.168.72.101 port 46370 ssh2
feb 10 19:35:26 centoshostnamekl1 sshd[31014]: failed password for wangshumin from 192.168.72.101 port 46370 ssh2
feb 10 19:35:26 centoshostnamekl1 sshd[31015]: connection closed by 192.168.72.101
feb 10 19:42:24 centoshostnamekl1 sshd[31223]: authentication refused: bad ownership or modes for directory /home/wangshumin
feb 10 19:42:38 centoshostnamekl1 sshd[31223]: failed password for wangshumin from 192.168.72.101 port 46399 ssh2
feb 10 19:42:38 centoshostnamekl1 sshd[31223]: failed password for wangshumin from 192.168.72.101 port 46399 ssh2
feb 10 19:42:38 centoshostnamekl1 sshd[31224]: connection closed by 192.168.72.101
feb 10 19:43:54 centoshostnamekl1 sshd[31260]: authentication refused: bad ownership or modes for directory /home/wangshumin
feb 10 19:43:58 centoshostnamekl1 sshd[31260]: accepted password for wangshumin from 192.168.72.101 port 46406 ssh2
feb 10 19:43:58 centoshostnamekl1 sshd[31260]: pam_unix(sshd:session): session opened for user wangshumin by (uid=0)
feb 10 19:43:58 centoshostnamekl1 sshd[31265]: received disconnect from 192.168.72.101: 11: disconnected by user
feb 10 19:43:58 centoshostnamekl1 sshd[31260]: pam_unix(sshd:session): session closed for user wangshumin
feb 10 19:45:00 centoshostnamekl1 sshd[31439]: authentication refused: bad ownership or modes for directory /home/wangshumin
feb 10 19:45:06 centoshostnamekl1 sshd[31439]: failed password for wangshumin from 192.168.72.101 port 46414 ssh2
feb 10 19:45:06 centoshostnamekl1 sshd[31439]: failed password for wangshumin from 192.168.72.101 port 46414 ssh2
feb 10 19:45:06 centoshostnamekl1 sshd[31440]: connection closed by 192.168.72.101
feb 10 19:48:38 centoshostnamekl1 sshd[31967]: authentication refused: bad ownership or modes for directory /home/wangshumin
feb 10 19:50:05 centoshostnamekl1 sshd[31967]: failed password for wangshumin from 192.168.72.101 port 46429 ssh2
feb 10 19:50:05 centoshostnamekl1 sshd[31967]: failed password for wangshumin from 192.168.72.101 port 46429 ssh2
SSH無密碼認證
192.168.0.140主機上執行 root localhost ssh keygen t rsa 或 root localhost ssh keygen t rsa p f ssh id rsa 所有預設回車會在 root ssh 目錄下生成兩個檔案 id rsa 私鑰,產生私鑰的機子,即主動訪...
ssh無密碼登入
若想登入對方主機,而不需要輸入密碼,操作如下 首先在自己主機上執行 ssh keygen t rsa 三次回車 在 ssh生成公私鑰 id rsa.pub id rsa 將id rsa.pub拷貝到對方的 ssh中 記得重新命名,如my.pub 在對方的.ssh中新建乙個authosized key...
ssh 無密碼登入
今天在配置ssh登入的時候,遇到了一點問題 a.首先我建立了乙個使用者 useradd g hadoop m s bin bash hadoop b.進入hadoop主目錄,生成公鑰私鑰,但是發現沒有.ssh目錄,就手動生成.ssh目錄。c.進入 ssh 目錄下 ssh keygen t rsa,生...