我在 OpenStack 实例中运行 Ubuntu 13.04。创建实例时,我指定了一个密钥对,我可以使用以下命令通过 ssh 进入该框:
[laptop]$ ssh -i keypair.pem ubuntu@my-instance
我不知道 OpenStack 做了什么魔法来实现这一点,但它就是能做到。现在我想设置“正常”的公钥认证。我甚至无法让它工作以便从实例登录到本地主机;它总是要求我输入密码!我试过:
[my-instance]$ cd ~/.ssh
[my-instance]$ ssh-keygen -t rsa
[my-instance]$ echo id_rsa.pub >> authorized_keys
[my-instance]$ ssh localhost
Password: _
我总是在“普通”服务器上这样做;我检查了私钥和 authorized_keys 文件的权限,还尝试了 dsa 和 ecdsa 密钥。ssh -v 的输出不是很有启发性(见下文)。有人能解释一下我的情况吗?
...
debug1: Found key in /home/ubuntu/.ssh/known_hosts:1
debug1: ssh_ecdsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/ubuntu/.ssh/id_rsa (0x7f86d8041ec0)
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/ubuntu/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,keyboard-interactive
debug2: we did not send a packet, disable method
debug1: Next authentication method: keyboard-interactive
...
答案1
这句话看起来可疑:
echo id_rsa.pub >> authorized_keys
你可能想表达这样的意思:
cat id_rsa.pub >> authorized_keys
您可能还想编辑authorized_keys并删除以下行:id_rsa.pub