我查看了有关此问题的其他问题,但没有一个对我有用。
我执行了以下操作,在运行 Amazon Linux 的 EC2 实例上添加新用户:
sudo usermod -G git_group rich
sudo mkdir -p /home/rich/.ssh
sudo mkdir /home/rich/.ssh/authorized_keys
sudo chown root:root /home/rich
sudo chown -R rich:rich /home/rich/
sudo chmod 700 /home/rich/.ssh
sudo chmod 700 /home/rich/.ssh/authorized_keys
sudo su rich
cd ~/.ssh
ssh-keygen -a 100 -b 4096 -C "" -E sha256 -o -t rsa
< no passwords >
cp id_rsa.pub ./authorized_keys
在远程计算机上,我通过 sftp 获取密钥并将它们放在 /home/my_user/.ssh 中,确保两者都具有 chmod 600 权限。
然后我向 .ssh/config 添加了一个条目:
User rich
IdentityFile = ~/.ssh/rich_private_key
当我尝试时
ssh -vvv [email protected]
我得到:
No Kerberos credentials available (default cache: FILE:/tmp/krb5cc_1000)
debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/my_user/.ssh/rich_private_key
debug3: sign_and_send_pubkey: RSA xxx
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
[email protected]: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
知道我缺少什么吗?我还将 PubkeyAuthentication yes 添加到 sshd_config 并重新启动它,这似乎没有帮助。
答案1
我将authorized_keys作为包含密钥的目录(这是不正确的),而不是每行都是一个密钥的文件,这修复了它。