Centos 6.3上用OpenSSH实现无密码登录过程中出现问题的一般调试步骤
2012-09-15 22:15
465 查看
这次在Centos 6.3上实现无密码登录,发现怎么样都没能成功,无论怎样,还是需要密码,一下为解决方法
1. 查看ssh 登录的详细信息
发现如下信息:
上面看出了整个登录过程
2. 用root查询系统登录日志
发现如下日志信息:
上面可以看出,无密码登录失败的原因在于authorized_keys的文件权限不对
3.修改文件权限
4.重新登录
登录成功!
1. 查看ssh 登录的详细信息
ssh -v localhost
发现如下信息:
[shgong@localhost ~]$ ssh -v localhost OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to localhost [::1] port 22. debug1: Connection established. debug1: identity file /home/shgong/.ssh/identity type -1 debug1: identity file /home/shgong/.ssh/id_rsa type 1 debug1: identity file /home/shgong/.ssh/id_dsa type 2 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3 debug1: match: OpenSSH_5.3 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.3 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 'localhost' is known and matches the RSA host key. debug1: Found key in /home/shgong/.ssh/known_hosts:1 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug1: Next authentication method: gssapi-keyex debug1: No valid Key exchange context debug1: Next authentication method: gssapi-with-mic debug1: Unspecified GSS failure. Minor code may provide more information Credentials cache file '/tmp/krb5cc_500' not found debug1: Unspecified GSS failure. Minor code may provide more information Credentials cache file '/tmp/krb5cc_500' not found debug1: Unspecified GSS failure. Minor code may provide more information debug1: Unspecified GSS failure. Minor code may provide more information debug1: Next authentication method: publickey debug1: Trying private key: /home/shgong/.ssh/identity debug1: Offering public key: /home/shgong/.ssh/id_rsa debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug1: Offering public key: /home/shgong/.ssh/id_dsa debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug1: Next authentication method: password
上面看出了整个登录过程
2. 用root查询系统登录日志
$tail /var/log/secure -n 20
发现如下日志信息:
Sep 15 21:40:06 localhost sudo: shgong : TTY=pts/17 ; PWD=/home/shgong ; USER=root ; COMMAND=/sbin/service sshd restart Sep 15 21:40:06 localhost sshd[4103]: Received signal 15; terminating. Sep 15 21:40:06 localhost sshd[4228]: Server listening on 0.0.0.0 port 22. Sep 15 21:40:06 localhost sshd[4228]: Server listening on :: port 22. Sep 15 21:41:13 localhost sshd[4235]: Authentication refused: bad ownership or modes for file /home/shgong/.ssh/authorized_keys Sep 15 21:41:13 localhost sshd[4235]: Authentication refused: bad ownership or modes for file /home/shgong/.ssh/authorized_keys Sep 15 21:41:13 localhost sshd[4235]: Authentication refused: bad ownership or modes for file /home/shgong/.ssh/authorized_keys Sep 15 21:41:13 localhost sshd[4235]: Authentication refused: bad ownership or modes for file /home/shgong/.ssh/authorized_keys
上面可以看出,无密码登录失败的原因在于authorized_keys的文件权限不对
[shgong@localhost ~]$ ls -lh ~/.ssh/ total 24K -rw-------. 1 shgong shgong 1.5K Sep 15 21:41 authorized_keys -rw-------. 1 shgong shgong 668 Sep 15 21:36 id_dsa -rw-r--r--. 1 shgong shgong 618 Sep 15 21:36 id_dsa.pub -rw-------. 1 shgong shgong 1.7K Sep 15 21:40 id_rsa -rw-r--r--. 1 shgong shgong 410 Sep 15 21:40 id_rsa.pub -rw-r--r--. 1 shgong shgong 391 Sep 15 21:36 known_hosts
3.修改文件权限
[shgong@localhost ~]$ chmod 600 ~/.ssh/authorized_keys
4.重新登录
[shgong@localhost ~]$ ssh -v localhost OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to localhost [::1] port 22. debug1: Connection established. debug1: identity file /home/shgong/.ssh/identity type -1 debug1: identity file /home/shgong/.ssh/id_rsa type 1 debug1: identity file /home/shgong/.ssh/id_dsa type 2 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3 debug1: match: OpenSSH_5.3 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.3 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 'localhost' is known and matches the RSA host key. debug1: Found key in /home/shgong/.ssh/known_hosts:1 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug1: Next authentication method: gssapi-keyex debug1: No valid Key exchange context debug1: Next authentication method: gssapi-with-mic debug1: Unspecified GSS failure. Minor code may provide more information Credentials cache file '/tmp/krb5cc_500' not found debug1: Unspecified GSS failure. Minor code may provide more information Credentials cache file '/tmp/krb5cc_500' not found debug1: Unspecified GSS failure. Minor code may provide more information debug1: Unspecified GSS failure. Minor code may provide more information debug1: Next authentication method: publickey debug1: Trying private key: /home/shgong/.ssh/identity debug1: Offering public key: /home/shgong/.ssh/id_rsa debug1: Server accepts key: pkalg ssh-rsa blen 277 debug1: read PEM private key done: type RSA debug1: Authentication succeeded (publickey). debug1: channel 0: new [client-session] debug1: Requesting no-more-sessions@openssh.com debug1: Entering interactive session. debug1: Sending environment. debug1: Sending env XMODIFIERS = @im=ibus debug1: Sending env LANG = en_US.UTF-8
登录成功!
相关文章推荐
- CentOS-7-i386-DVD-1708 root用户忘记密码解决过程最后一步出现Host SMBus controller not enabled的问题
- CentOS使用key登录服务器时候出现密码失败问题
- 使用CAS实现单点登录的过程中出现的一些问题
- CentOS6.3上SSH远程登录实现无密码认证
- CentOS环境下,gdb调试中出现:Missing separate debuginfos, use: debuginfo-install.....的问题
- 通过SSH证书实现Putty免密码登录CentOS
- 用Spinner实现用户选择过程中出现的R文件丢失问题
- tomcat登录后出现XDB输入用户名密码问题
- 关于MySql在调试过程中出现Driver not loaded Driver not loaded的问题的解决办法
- ssh无密码登录设置方法以及出现问题 ECDSA host key 和IP地址对应的key不同的解决
- 实现Android自定义ListView过程中出现的一些问题,要注意了,不能再犯!
- Windbg调试win登录用户密码验证过程
- LAMP环境搭建过程中出现的问题——基于VM虚拟CentOS-5.6
- CentOS 配置无密码登录的实现
- CentOS环境下,gdb调试中出现:Missing separate debuginfos, use: 4000 debuginfo-install.....的问题
- CentOS 6.3 SSH无密码登录
- 通过调试的重构代码(设计是对的,但是实现过程却有诸多的问题)
- 怎样实现 Windows 7/Vista 开机自动登录而不用输入密码的问题
- centos 6 设置无密码登录ssh 不成功问题
- 关于登录sql server 2005 出现“已成功与服务器建立连接,但是在登录过程中发生错取。(provider:共享内存提供程序,error:0-管道的另一端上无任何进程”的问题