我正在尝试连接用户A1@主机A举办用户B1@主机B使用 ssh。
我将 userA1 的 .ssh/id_rsa.pub 文件内容添加到 userB1 的 .ssh/authorized_keys 文件中。
设置authorized_keys和.ssh文件夹权限用户B1到 600 和 700。
尝试使用 ssh 命令登录。结果为 - 权限被拒绝(公钥)。
好的,然后我在创建了一个新用户主机B,我们叫他用户B2. 做了同样的事情用户B1。并且成功从userA1@hostA登录到userB2@hostB!
所以,我完全不明白为什么 ssh 会失败用户B1。
两个不同用户的详细消息的最后部分如下:
对于 userB1:ssh userB1@hostB <- 失败
debug1: Unspecified GSS failure. Minor code may provide more information
Cannot determine realm for numeric host address
debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/userA1/.ssh/identity
debug3: no such identity: /home/userA1/.ssh/identity
debug1: Offering public key: /home/userA1/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug3: Wrote 368 bytes for a total of 1645
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug1: Trying private key: /home/userA1/.ssh/id_dsa
debug3: no such identity: /home/userA1/.ssh/id_dsa
debug1: Trying private key: /home/userA1/.ssh/id_ecdsa
debug3: no such identity: /home/userA1/.ssh/id_ecdsa
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
对于 userB2:ssh userB2@hostB <- pass
debug1: Unspecified GSS failure. Minor code may provide more information
Cannot determine realm for numeric host address
debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/userA1/.ssh/identity
debug3: no such identity: /home/userA1/.ssh/identity
debug1: Offering public key: /home/userA1/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug3: Wrote 368 bytes for a total of 1645
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug2: input_userauth_pk_ok: SHA1 ................
..........
在 hostB 的 /var/log/secure 文件中,使用 userB2 登录时显示:
Feb 3 11:54:19 development sshd[3246]: Accepted publickey for userB2 from hostA port 58773 ssh2
对于用户 B1,显示:
Feb 3 11:56:34 development sshd[3349]: Connection closed by hostA
在主机 B 的 sshd_config 文件中,没有指定任何有关这些用户的信息。有人能帮我找出原因吗?
谢谢。
答案1
一切似乎都很好。一个可能的原因是Selinux 上下文错误如上所述这个帖子。在这种情况下,您必须从 userB1 在 hostB 中运行此命令:
restorecon -R -v ~/.ssh