如何在没有密码的情况下通过 SSH 连接到本地主机?

如何在没有密码的情况下通过 SSH 连接到本地主机?

编辑:准确地说明所做的事情。

我需要localhost不使用密码进行 SSH 连接,通常的方法(使用公钥)不起作用。

user@PC:~$ rm -rf .ssh/*
user@PC:~$ ssh-keygen -t rsa > /dev/null 
Enter file in which to save the key (/home/user/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
user@PC:~$ ls .ssh/
id_rsa  id_rsa.pub
user@PC:~$ ssh-copy-id -i localhost 
The authenticity of host 'localhost (::1)' can't be established.
RSA key fingerprint is f7:87:b5:4e:31:a1:72:11:8e:5f:d2:61:bd:b3:40:1a.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (RSA) to the list of known hosts.
user@localhost's password: 
Now try logging into the machine, with "ssh 'localhost'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

user@PC:~$ ssh-agent $SHELL
user@PC:~$ ssh-add -L
The agent has no identities.
user@PC:~$ ssh-add 
Identity added: /home/user/.ssh/id_rsa (/home/user/.ssh/id_rsa)
user@PC:~$ ssh-add -L
ssh-rsa ...MY KEY HERE

user@PC:~$ ssh-copy-id -i localhost 
user@localhost's password: 
Now try logging into the machine, with "ssh 'localhost'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

user@PC:~$ ssh localhost echo 'testing'
user@localhost's password: 

user@PC:~$ 

因此,正如您在最后一条命令中看到的,它仍然在询问密码!我该如何解决这个问题?Ubuntu-10.04,OpenSSH_5.3p1

编辑2:

添加一些关于 sshd 的信息

user@PC:~$ cat /etc/ssh/sshd_config | grep Authentication
# Authentication:
RSAAuthentication yes
PubkeyAuthentication yes
RhostsRSAAuthentication no
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
ChallengeResponseAuthentication no
# PasswordAuthentication yes
#KerberosAuthentication no
#GSSAPIAuthentication no
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication.  Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.

EDIT3:来自 $ssh -vv localhost 的结果

$ssh -vv localhost
...
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/user/.ssh/identity
debug1: Offering public key: /home/user/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/user/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
user@localhost's password: 

编辑4:

仅检查文件是否相同且 md5sum 是否一致

答案1

首先,你应该明白自己在做什么:

user@PC:~$ cat .ssh/id_rsa.pub | ssh localhost 'cat >> .ssh/authorized_keys'

您正在通过 ssh 将公钥复制.ssh/id_rsa.pub到同一台主机(即 localhost,同一台主机)。如果您localhost用其他主机替换,那会更有意义(但如果您是为了学习如何操作而尝试这样做,那也没关系)。

一旦您在远程主机(或您所在的同一主机)上获得了公钥的副本,您必须确保在实际主机中使用它进行身份验证,调用ssh-agent/ ssh-add

$ eval `ssh-agent`
$ ssh-add

然后,如果您提供了密码,您将被要求在之后输入密码ssh-add。如果您生成了一个没有密码的私钥,那么就这样了。

答案2

发现问题了。

运行服务器并进行调试:

$sshd -Dd

我发现它无法读取 auth_key

$chmod 750 $HOME

修复。

答案3

执行以下步骤

ssh-keygen -t rsa -C "[email protected]"
# Creates a new ssh key, using the provided email as a label
# Generating public/private rsa key pair.

使用默认文件和空密码(只需在接下来的 2 个步骤中按回车键即可)

# start the ssh-agent in the background
eval "$(ssh-agent -s)"
# Agent pid 59566
ssh-add 

将 ~/.ssh/id_rsa.pub 的内容复制到 ~/.ssh/authorized_keys

确保以下是权限

 ls -l .ssh/
 total 20
-rw-r--r--. 1 swati swati  399 May  5 14:53 authorized_keys
-rw-r--r--. 1 swati swati  761 Jan 12 15:59 config
-rw-------. 1 swati swati 1671 Jan 12 15:44 id_rsa
-rw-r--r--. 1 swati swati  399 Jan 12 15:44 id_rsa.pub
-rw-r--r--. 1 swati swati  410 Jan 12 15:46 known_hosts 

另外,确保 .ssh 目录的权限是。这也很重要

drwx------.   2 swati swati    4096 May  5 14:56 .ssh

答案4

关于上面的帖子,虽然面临同样的问题,但我只是改变了这一行

密码验证否

在 /etc/ssh/sshd_config 文件中,它可以工作。

此外,也许最好使用

服务 sshd 重启

重新加载 sshd 配置更改。

相关内容