我尝试以用户身份启动 sshd 以进行测试,但是不起作用。
sshd_配置:
# $OpenBSD: sshd_config,v 1.84 2011/05/23 03:30:07 djm Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.
Port 10022
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile ./authorized_keys
PasswordAuthentication no
HostKey ./sshkey
UsePrivilegeSeparation no
PidFile ./sshd.pid
jauhien@localhost openssh %/usr/sbin/sshd -f sshd_config -D -ddd
debug2: load_server_config: filename sshd_config
debug2: load_server_config: done config len = 201
debug2: parse_server_config: config sshd_config len 201
debug1: Config token is port
debug3: sshd_config:13 setting Port 10022
debug1: Config token is rsaauthentication
debug3: sshd_config:15 setting RSAAuthentication yes
debug1: Config token is pubkeyauthentication
debug3: sshd_config:16 setting PubkeyAuthentication yes
debug1: Config token is authorizedkeysfile
debug3: sshd_config:18 setting AuthorizedKeysFile ./authorized_keys
debug1: Config token is passwordauthentication
debug3: sshd_config:20 setting PasswordAuthentication no
debug1: Config token is hostkey
debug3: sshd_config:22 setting HostKey ./sshkey
debug1: Config token is useprivilegeseparation
debug3: sshd_config:24 setting UsePrivilegeSeparation no
debug1: Config token is pidfile
debug3: sshd_config:25 setting PidFile ./sshd.pid
debug1: HPN Buffer Size: 87380
debug1: sshd version OpenSSH_6.4, OpenSSL 1.0.1e 11 Feb 2013
debug3: Incorrect RSA1 identifier
debug1: read PEM private key done: type RSA
debug3: Incorrect RSA1 identifier
debug3: Could not load "/home/jauhien/work/openssh/./sshkey" as a RSA1 public key
debug1: private host key: #0 type 1 RSA
debug1: setgroups() failed: Operation not permitted
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-f'
debug1: rexec_argv[2]='sshd_config'
debug1: rexec_argv[3]='-D'
debug1: rexec_argv[4]='-ddd'
debug3: oom_adjust_setup
Set /proc/self/oom_score_adj from 0 to -1000
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 10022 on 0.0.0.0.
debug1: Server TCP RWIN socket size: 87380
debug1: HPN Buffer Size: 87380
Server listening on 0.0.0.0 port 10022.
debug2: fd 4 setting O_NONBLOCK
debug3: sock_set_v6only: set socket 4 IPV6_V6ONLY
debug1: Bind to port 10022 on ::.
debug1: Server TCP RWIN socket size: 87380
debug1: HPN Buffer Size: 87380
Server listening on :: port 10022.
debug3: fd 5 is not O_NONBLOCK
debug1: Server will not fork when running in debugging mode.
debug3: send_rexec_state: entering fd = 8 config len 201
debug3: ssh_msg_send: type 0
debug3: send_rexec_state: done
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
jauhien@localhost openssh %ssh -v -i ./sshkey 127.0.0.1 -p 10022
OpenSSH_6.4, OpenSSL 1.0.1e 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 53: Applying options for *
debug1: Connecting to 127.0.0.1 [127.0.0.1] port 10022.
debug1: Connection established.
debug1: identity file ./sshkey type 1
debug1: identity file ./sshkey-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.4p1-hpn14v2
ssh_exchange_identification: read: Connection reset by peer
我的 sshd_config 有什么问题?因为我在不同的机器上都遇到了这个错误。
我见过是否可以以普通用户身份运行 sshd?但我UsePrivilegeSeparation no
的配置中有,所以可能并非如此。
UPD。答案很简单:它只适用于配置中的绝对路径。感谢 MadHatter。
答案1
我确信sshd
当二进制文件本身使用相对路径 ( ) 指定时,它不会运行cd /usr/sbin; ./sshd -f ...
;配置文件中指定的文件也可能出现这种情况。尝试将配置文件中的相对路径和配置文件中的相对路径替换为绝对路径。
感谢 a3nm 指出我原始论点中的错误。