在尝试设置环回 ssh 时,在安装 pub key 后提示我输入密码,这是一台 CentOS 6.4 服务器。 ssh_config(grep -v ^# /etc/ssh/sshd_config | grep -v ^$)在这里:http://pastebin.com/Wg6iuL3x
涉及的两个用户是root和git
# clean root dir
cd ~/.ssh/ && rm -f $(ls | grep -i 'rsa\|dsa')
echo '' > known_hosts
# clean git dir
/home/git/.ssh/ && rm -f $(ls | grep -v 'authorized_keys')
chmod 0700 /home/git/.ssh && chmod 0600 /home/git/.ssh/authorized_keys
echo '' > authorized_keys
# back to root
ssh-keygen -f ~/.ssh/git_dsa -t dsa -N ''
cat ~/.ssh/git_dsa.pub >> /home/git/.ssh/authorized_keys
ssh -vvv git@localhost
git@localhost's password:
...
这是-v日志
debug1: Next authentication method: publickey
debug1: Offering public key: git.rsa
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Offering public key: git.dsa
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /root/.ssh/identity
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Next authentication method: password
日志-vvv在这里:http://pastebin.com/j7iGvvMH
笔记
这看起来不像是看到/识别 git_dsa.pub 密钥,我确信这是问题的根源?
答案1
您可能在使用 SELinux 时遇到问题。假设您非常重视安全性(毕竟您正在使用环回 ssh)并且不想禁用它,请以 root 身份执行以下操作:
restorecon -R -v /home/git/.ssh
如果您确实想禁用它,请编辑 /etc/selinux/config 并在其中设置 SELINUX=permissive。
答案2
您还没有告诉 ssh 使用 git_dsa 密钥:
ssh -i /root/.ssh/git_dsa git@localhost
或者编辑/root/.ssh/config并添加适当的IdentityFile指令。