无密码 SSH 无法工作 - 密钥已复制且权限已设置

无密码 SSH 无法工作 - 密钥已复制且权限已设置

我知道这个问题已经被问过了,但我确信我已经按照其他答案所建议的做了。

机器 A:

  • 用过的密钥生成器-t rsa创造id_rsa.pub〜/.ssh /
  • 复制机器 A 的id_rsa.pub到机器 B 用户的主目录
  • 使文件权限id_rsa.pub 600

机器 B

  • 将机器 A 的公钥添加到authorised_keys 和authorised_keys2中:cat ~/id_rsa.pub >> ~/.ssh/authorised_keys2
  • 使文件权限id_rsa.pub 600

我还确保.ssh目录具有权限700在机器 A 和 B 上。

如果我尝试从机器 A 登录到机器 B,系统会要求我输入密码,而不是 ssh 密码。

我让两台机器上的 root 用户使用无密码 ssh 互相通信,但我无法让普通用户这样做。

两边的用户名必须相同吗?还是我遗漏了其他设置。

机器 A 是 Windows 7 PC 上的 VirtualBox 中运行的 Ubuntu 10.04 虚拟机,机器 B 是专用的 Ubuntu 9.10 服务器

更新:我已经使用选项运行了 ssh-vvv,它提供了很多行输出,但这是最后几个命令:

debug3: check_host_in_hostfile: filename /home/pete/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host '192.168.1.19' is known and matches the RSA host key.
debug1: Found key in /home/pete/.ssh/known_hosts:1
debug2: bits set: 504/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: Wrote 16 bytes for a total of 1015
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug3: Wrote 48 bytes for a total of 1063
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/pete/.ssh/identity ((nil))
debug2: key: /home/pete/.ssh/id_rsa (0x7ffe1baab9d0)
debug2: key: /home/pete/.ssh/id_dsa ((nil))
debug3: Wrote 64 bytes for a total of 1127
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,gssapi,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/pete/.ssh/identity
debug3: no such identity: /home/pete/.ssh/identity
debug1: Offering public key: /home/pete/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug3: Wrote 368 bytes for a total of 1495
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/pete/.ssh/id_dsa
debug3: no such identity: /home/pete/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password

答案1

用于ssh-copy-id复制您的密钥;它将创建任何必要的文件/目录并修复任何损坏的权限。

答案2

文件名必须是:authorized_keys2并且应该是chmod 600

~/.ssh (700)
~/.ssh/authorized_keys2 (600)
~/.ssh/id_rsa (600)
~/.ssh/id_rsa.pub (644)

* 更新 *:提供以下输出(来自远程服务器):

ls -ld ~/.ssh ~/.ssh/authorized_key*

SELinux 启用了吗?(使用getenforce:),你得到了Permissive还是Enfrocing

相关内容