我正在尝试在组织的远程服务器上安装一些博客软件。我尝试设置 SSH 密钥,但遇到了问题,因此我决定让博客正常运行比解决 SSH 密钥问题更重要,因此我ssh-keygen -R remoteserver.com
.
现在我可以使用正确的密码成功登录。登录后,我可以四处移动并读取我应该能够读取的任何文件和目录。 ssh -v [email protected]
但是当我尝试-rw-r--r--
使用 VIM 编辑现有文件时,它会显示为只读,如果我尝试编辑权限,我会获得chmod: file.ext: Operation not permitted
,如果我尝试scp
从本地机器创建新文件,系统会提示我输入远程用户的密码,然后获得scp: /home/path/to/file.ext: Permission denied
。
由于在尝试设置 ssh 密钥之前我没有遇到任何这些问题,我怀疑这些异常是其副作用,但我不知道如何排除故障。那么像我这样的愚蠢的服务器新手需要做什么才能作为远程用户重新获得编辑能力?
附录1:
我的本地计算机和远程服务器之间的用户 ID 不同。
- 对于 ssh 我。
ssh -v [email protected]
- 如果我
whoami
得到remoteuser
- 如果我
- 对于 scp,我以本地用户身份登录时 从本地目录进行操作。
scp file.ext [email protected]:/path/to/file.ext
file.ext
- 如果我
whoami
得到localuser
- 如果我
对于ls -l
两个不同的文件我尝试过 scp:
-rw-r--r--@ 1 localuser localgroup 20 Feb 11 21:03 phpinfo.php
-rw-r--r-- 1 root localgroup 4 Feb 11 22:32 test.txt
对于ls -l
我尝试用 VIM 处理的文件:
-rw-r--r-- 1 remoteuser remotegroup 76 Jul 27 2009 info.txt
附录2:
过去,我曾为 git 存储库设置过 ssh 密钥。我不想完全销毁它们,因此,为了尝试遵循一只鹿的思路我将我的重命名~/.ssh/
为~/.ssh-bak/
,然后测试了不同类型的访问。终端命令和结果的精简版本如下;我认为直到倒数第 8 行,一切都正常。
SSH-V
localcomputer:~ localuser$ ssh -v [email protected]
OpenSSH_5.2p1, OpenSSL 0.9.8l 5 Nov 2009
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to remoteserver.com [###.###.###.###] port 22.
debug1: Connection established.
debug1: identity file /Users/localuser/.ssh/identity type -1
debug1: identity file /Users/localuser/.ssh/id_rsa type -1
debug1: identity file /Users/localuser/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8p2 FreeBSD-20110503
debug1: match: OpenSSH_5.8p2 FreeBSD-20110503 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
The authenticity of host 'remoteserver.com (###.###.###.###)' can't be established.
RSA key fingerprint is ##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'remoteserver.com,###.###.###.###' (RSA) to the list of known hosts.
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /Users/localuser/.ssh/identity
debug1: Trying private key: /Users/localuser/.ssh/id_rsa
debug1: Trying private key: /Users/localuser/.ssh/id_dsa
debug1: Next authentication method: password
[email protected]'s password:
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug1: Requesting [email protected]
debug1: Entering interactive session.
Last login: Sun Feb 12 18:00:54 2012 from 68.69.164.123
FreeBSD 6.4-RELEASE-p8 (VKERN) #1 r101746: Mon Aug 30 10:34:40 MDT 2010
远程权限
[remoteuser@remoteserver /home]$ ls -l
total ###
-rw-r--r-- 1 remoteuser remotegroup 76 Aug 12 2009 info.txt
[remoteuser@remoteserver /home]$ vim info.txt
~ {at the bottom of the VIM screen it tells me it's [read only]}
[remoteuser@remoteserver /home]$ whoami
remoteuser
[remoteuser@remoteserver /home]$ logout
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype [email protected] reply 0
debug1: channel 0: free: client-session, nchannels 1
Connection to remoteserver.com closed.
Transferred: sent 3872, received 12496 bytes, in 107.4 seconds
Bytes per second: sent 36.1, received 116.4
debug1: Exit status 0
scp-v
localcomputer:localdirectory name$ scp -v phpinfo.php [email protected]:/home/www/remotedirectory/phpinfo.php
Executing: program /usr/bin/ssh host remoteserver.com, user remoteuser, command scp -v -t /home/www/remotedirectory/phpinfo.php
OpenSSH_5.2p1, OpenSSL 0.9.8l 5 Nov 2009
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to remoteserver.com [###.###.###.###] port 22.
debug1: Connection established.
debug1: identity file /Users/localuser/.ssh/identity type -1
debug1: identity file /Users/localuser/.ssh/id_rsa type -1
debug1: identity file /Users/localuser/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8p2 FreeBSD-20110503
debug1: match: OpenSSH_5.8p2 FreeBSD-20110503 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'remoteserver.com' is known and matches the RSA host key.
debug1: Found key in /Users/localuser/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /Users/localuser/.ssh/identity
debug1: Trying private key: /Users/localuser/.ssh/id_rsa
debug1: Trying private key: /Users/localuser/.ssh/id_dsa
debug1: Next authentication method: password
[email protected]'s password:
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug1: Requesting [email protected]
debug1: Entering interactive session.
debug1: Sending command: scp -v -t /home/www/remotedirectory/phpinfo.php
Sending file modes: C0644 20 phpinfo.php
Sink: C0644 20 phpinfo.php
scp: /home/www/remotedirectory/phpinfo.php: Permission denied
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: free: client-session, nchannels 1
debug1: fd 0 clearing O_NONBLOCK
debug1: fd 1 clearing O_NONBLOCK
Transferred: sent 1456, received 2160 bytes, in 0.6 seconds
Bytes per second: sent 2322.3, received 3445.1
debug1: Exit status 1
答案1
远程主机上的用户帐户可能没有该/home/www/remotedirectory/
目录的写入权限。您可以通过运行以下命令进行测试:
scp -v phpinfo.php [email protected]:/tmp/phpinfo.php
一旦确认此方法有效,您就可以设置该目录的权限和/或所有权。对于快速修复,chmod 777 /home/www/remotedirectory/
root 也可以,但这不是一个安全的解决方案。根据服务器的使用方式,更好的方法是将目录的组更改chgrp
为您希望该目录的所有写入者所在的组,然后chmod g+w /home/www/remotedirectory/
答案2
这纯粹是权限问题。“remoteserver”上的用户“remoteuser”没有权限将文件写入/home/www/remotedirectory/phpinfo.php
。请在命令输出中查看此错误scp -v ..
:
debug1: Sending command: scp -v -t /home/www/remotedirectory/phpinfo.php
Sending file modes: C0644 20 phpinfo.php
Sink: C0644 20 phpinfo.php
scp: /home/www/remotedirectory/phpinfo.php: Permission denied
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: free: client-session, nchannels 1
您可以像原来一样通过 ssh 进入“远程服务器”来确认这一点,然后尝试touch
在此目录中找到一个文件:
$ ssh remoteuser@remoteserver
在远程服务器上
$ touch /home/www/remotedirectory/afile
touch: cannot touch ‘/home/www/remotedirectory/afile’: Permission denied
您可以使用以下命令查看该目录的所有权:
$ ls -ld /home/www/remotedirectory
drwxrwx---. 125 someuser somegroup 16384 Feb 22 14:03 /home/www/remotedirectory
因此您需要在此处更改权限或小心将“remoteuser”添加到组“somegroup”。
答案3
嗯,我认为你最好的选择是制作它与钥匙一起工作,但这里有 2 个选项
尝试删除~/.ssh/authorized-keys
目录或全部~/.ssh/
以删除关键残留物
尝试正确设置密钥并享受没有密码的乐趣! https://blogs.oracle.com/jkini/entry/how_to_scp_scp_and