我刚刚配置了 RHEL 7 以进行 Windows 身份验证(idmap_ad)。
每次检查都有效,但如果我尝试使用域用户进行 ssh,我会收到错误:
Connection closed by ::1
以下是调试模式下的 ssh 日志:
Jul 22 11:16:02 SERVER sshd[7720]: Received signal 15; terminating.
Jul 22 11:16:03 SERVER sshd[7897]: Set /proc/self/oom_score_adj from 0 to -1000
Jul 22 11:16:03 SERVER sshd[7897]: debug1: Bind to port 22 on 0.0.0.0.
Jul 22 11:16:03 SERVER sshd[7897]: Server listening on 0.0.0.0 port 22.
Jul 22 11:16:03 SERVER sshd[7897]: debug1: Bind to port 22 on ::.
Jul 22 11:16:03 SERVER sshd[7897]: Server listening on :: port 22.
Jul 22 11:16:09 SERVER sshd[7897]: debug1: Forked child 7902.
Jul 22 11:16:09 SERVER sshd[7902]: Set /proc/self/oom_score_adj to 0
Jul 22 11:16:09 SERVER sshd[7902]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8
Jul 22 11:16:09 SERVER sshd[7902]: debug1: inetd sockets after dupping: 3, 3
Jul 22 11:16:09 SERVER sshd[7902]: Connection from ::1 port 44497
Jul 22 11:16:09 SERVER sshd[7902]: debug1: Client protocol version 2.0; client software version OpenSSH_6.4
Jul 22 11:16:09 SERVER sshd[7902]: debug1: match: OpenSSH_6.4 pat OpenSSH*
Jul 22 11:16:09 SERVER sshd[7902]: debug1: Enabling compatibility mode for protocol 2.0
Jul 22 11:16:09 SERVER sshd[7902]: debug1: Local version string SSH-2.0-OpenSSH_6.4
Jul 22 11:16:09 SERVER sshd[7902]: debug1: SELinux support enabled [preauth]
Jul 22 11:16:09 SERVER sshd[7902]: debug1: permanently_set_uid: 74/74 [preauth]
Jul 22 11:16:09 SERVER sshd[7902]: debug1: list_hostkey_types: ssh-rsa,ecdsa-sha2-nistp256 [preauth]
Jul 22 11:16:09 SERVER sshd[7902]: debug1: SSH2_MSG_KEXINIT sent [preauth]
Jul 22 11:16:09 SERVER sshd[7902]: debug1: SSH2_MSG_KEXINIT received [preauth]
Jul 22 11:16:09 SERVER sshd[7902]: debug1: kex: client->server aes128-ctr [email protected] none [preauth]
Jul 22 11:16:09 SERVER sshd[7902]: debug1: kex: server->client aes128-ctr [email protected] none [preauth]
Jul 22 11:16:09 SERVER sshd[7902]: debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
Jul 22 11:16:09 SERVER sshd[7902]: debug1: SSH2_MSG_NEWKEYS sent [preauth]
Jul 22 11:16:09 SERVER sshd[7902]: debug1: expecting SSH2_MSG_NEWKEYS [preauth]
Jul 22 11:16:09 SERVER sshd[7902]: debug1: SSH2_MSG_NEWKEYS received [preauth]
Jul 22 11:16:09 SERVER sshd[7902]: debug1: KEX done [preauth]
Jul 22 11:16:09 SERVER sshd[7902]: debug1: userauth-request for user USER service ssh-connection method none [preauth]
Jul 22 11:16:09 SERVER sshd[7902]: debug1: attempt 0 failures 0 [preauth]
Jul 22 11:16:09 SERVER sshd[7902]: debug1: PAM: initializing for "USER"
Jul 22 11:16:09 SERVER sshd[7902]: debug1: PAM: setting PAM_RHOST to "localhost"
Jul 22 11:16:09 SERVER sshd[7902]: debug1: PAM: setting PAM_TTY to "ssh"
Jul 22 11:16:09 SERVER sshd[7902]: debug1: userauth-request for user USER service ssh-connection method gssapi-with-mic [preauth]
Jul 22 11:16:09 SERVER sshd[7902]: debug1: attempt 1 failures 0 [preauth]
Jul 22 11:16:12 SERVER sshd[7902]: debug1: userauth-request for user USER service ssh-connection method password [preauth]
Jul 22 11:16:12 SERVER sshd[7902]: debug1: attempt 2 failures 0 [preauth]
Jul 22 11:16:12 SERVER sshd[7902]: debug1: temporarily_use_uid: 4294967295/4294967295 (e=0/0)
Jul 22 11:16:12 SERVER sshd[7902]: fatal: initgroups: USER: Invalid argument
Jul 22 11:16:12 SERVER sshd[7902]: debug1: do_cleanup
Jul 22 11:16:12 SERVER sshd[7902]: debug1: PAM: cleanup
Jul 22 11:16:12 SERVER sshd[7902]: debug1: Killing privsep child 7903