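For months I have been using public key login on many servers without any problems. I generate the key on the client machine and use ssh-copy-id to copy it to the server's ~/.ssh/authorized_keys. Everything went fine until the other day, when one machine stopped accepting key-based logins. Obviously something changed, but sshd_config is the same as before and the same as on the other servers.
Running the connection verbosely gives the following: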
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/kapn/.ssh/id_rsa RSA SHA256: <deleted for post>
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/kapn/.ssh/id_dsa
<and so on until it asks for a password>
My sshd_config file
Port 2201
PermitRootLogin without-password
PubkeyAuthentication yes
ChallengeResponseAuthentication no
UsePAM yes
TCPKeepAlive yes
# All else is at default settings.
# With the exception of the Port, PubKeyAuthentication and PermitRootLogin settings,
# I didn't intentionally change anything here.
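Any ideas on where to look for the problem? Is there other data I can collect besides what the -vv switch on ssh gives?
Answer 1
Thanks for the suggestion. I checked /var/log/auth.log, and after wading through endless attack spam, I found that it was unhappy about the directory permissions: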
Dec 30 17:51:24 kaos02 sshd[25533]: Authentication refused: bad ownership or modes for directory /home/user
I found that at some point I had set group write permission on the home directory. Once I removed it, everything was fine.
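The "bad ownership or modes" refusal in the log above comes from sshd's StrictModes check (on by default), which rejects key login when the key file or a directory above it is group- or world-writable or owned by someone other than the user or root. The following is an added example, not part of the original post and not OpenSSH's own code: a Python approximation of that check that can be run on the server to find the offending path. The function names and the throwaway directory layout in `demo()` are assumptions made for illustration.

```python
import os
import stat
import tempfile


def strict_modes_findings(home, uid, keyfile=".ssh/authorized_keys"):
    """Walk from the key file up to the home directory and flag any component
    that is not owned by `uid` or root, or is group/world-writable."""
    home = os.path.realpath(home)
    path = os.path.realpath(os.path.join(home, keyfile))
    findings, kind = [], "file"
    while True:
        try:
            st = os.stat(path)
        except OSError as exc:
            findings.append(f"cannot stat {path}: {exc.strerror}")
            break
        if st.st_uid not in (0, uid) or st.st_mode & 0o022:
            mode = stat.S_IMODE(st.st_mode)
            findings.append(f"bad ownership or modes for {kind} {path} "
                            f"(uid={st.st_uid}, mode={mode:04o})")
        parent = os.path.dirname(path)
        if path == home or parent == path:  # reached home or filesystem root
            break
        path, kind = parent, "directory"
    return findings


def demo():
    """Constructed layout: a throwaway 'home' with a group-writable top level."""
    with tempfile.TemporaryDirectory() as home:
        ssh_dir = os.path.join(home, ".ssh")
        os.mkdir(ssh_dir)
        os.chmod(ssh_dir, 0o700)
        keys = os.path.join(ssh_dir, "authorized_keys")
        with open(keys, "w") as fh:
            fh.write("ssh-rsa AAAA...constructed-placeholder user@client\n")
        os.chmod(keys, 0o600)
        os.chmod(home, 0o775)   # the condition described in the answer
        before = strict_modes_findings(home, os.getuid())
        os.chmod(home, 0o755)   # group write removed
        after = strict_modes_findings(home, os.getuid())
    return before, after


if __name__ == "__main__":
    before, after = demo()
    print("group-writable home:", before)
    print("after chmod g-w:   ", after)
```

To check a real account, call `strict_modes_findings` with that user's home directory and numeric uid; an empty list means none of the checked paths would trip this condition.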