尝试失败次数过多,SSH 请求我未设置的 PubKey

尝试失败次数过多,SSH 请求我未设置的 PubKey

我认为我尝试使用登录的次数过多了root@server。SSHssh现在要求进行公钥认证,而我从未设置过。

如何重新登录我的服务器, 和如何永久禁用公钥认证(是的,我知道风险并且我愿意承担)。

我正在使用 OpenSSH。

日志:ssh -vvv root@server

    Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/private/.ssh/id_rsa
debug3: no such identity: /home/private/.ssh/id_rsa: No such file or directory
debug1: Trying private key: /home/private/.ssh/id_dsa
debug3: no such identity: /home/private/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /home/private/.ssh/id_ecdsa
debug3: no such identity: /home/private/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /home/private/.ssh/id_ed25519
debug3: no such identity: /home/private/.ssh/id_ed25519: No such file or directory
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
root@server's password: 
debug2: we sent a password packet, wait for reply
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.

答案1

PermitRootLoginOpenSSH使用以下选项更改了默认值:发布 7.0 版本(2015 年 8 月)。新的默认值为prohibit-password。以前的值为yes

普通用户仍然可以默认使用密码进行身份验证。

此外,虽然公钥身份验证确实可以通过禁用(PubkeyAuthentication选项)来禁用,但这样做没有任何好处,除非您启用其他身份验证方法。除非该AuthenticationMethods选项不要求用户通过多种方法,否则任何方法都可以。

相关内容