当 ssh'ing 到我的服务器(运行 Arch 的 RaspPi)时,它不接受我的密码(我 98% 确信密码是正确的),并且之前通常的延迟Permission denied, please try again.也不存在。否则,服务器运行良好。
我尝试使用默认值/etc/ssh/ssh_config,但/etc/ssh/sshd_config没有成功。使用 root 登录是一样的,在再次询问密码之前不会有任何延迟。
我没有任何显示器可以连接到 Pi,因此无法检查 journalctl 和类似的内容,但我可以物理访问 SD 卡。
如前所述,我已将 ssh_config 和 sshd_config 设置为默认值,并且我完全困惑为什么 openssh 会这样。
这是ssh -v撤回 ip 的 root(我自己没有看到任何异常):
OpenSSH_7.1p1, OpenSSL 1.0.2d 9 Jul 2015
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to ****.com [**.***.***.**] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /home/****/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/****/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/****/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/****/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/****/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/****/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/****/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/****/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.1
debug1: match: OpenSSH_7.1 pat OpenSSH* compat 0x04000000
debug1: Authenticating to *********.com:22 as 'root'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client [email protected] <implicit> none
debug1: kex: client->server [email protected] <implicit> none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:TPjpBFxCBTcJR+zUv0KRTd3ImVCWzAk8D2U++W422oA
debug1: Host '******.com' is known and matches the ECDSA host key.
debug1: Found key in /home/****/.ssh/known_hosts:3
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/****/.ssh/id_rsa
debug1: Trying private key: /home/****/.ssh/id_dsa
debug1: Trying private key: /home/****/.ssh/id_ecdsa
debug1: Trying private key: /home/****/.ssh/id_ed25519
debug1: Next authentication method: password
root@*******.com's password:
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
root@******.com's password:
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
root@******com's password:
答案1
我相信您可以journalctl在任何计算机上使用从SD卡读取日志。为此目的有--root多种选择。--directory
如果您不在 PC 上使用 Arch,那么 LiveCD/USB 应该可以很好地完成工作。
@Brean 的猜测PermitRootLogin是我的猜测,但你没有提供足够的信息让我具体这么说。
如果允许 root 登录,但密码仍然不被接受,那么您可以手动编辑 SD 卡上的密码,但生成 ssh 密钥并将其粘贴到/home/root/.ssh/authorized_keys.
答案2
感谢@ams,我可以访问日志,其中似乎是 PAM 的问题。我在 中禁用了 pam 身份验证sshd_config,并且能够以 root 身份登录。在那里我可以进行系统更新(其中 pam 有一个新版本),并且现在可以以普通用户身份登录。
然而,由于某种原因,通过 ssh 登录尝试之间的暂停仍然不存在(这显然是一个严重的安全问题),但如果需要的话,我会发布一个关于此的单独问题。