SSH相互认证的问题 (authorized_keys )
2012-12-31 15:48
417 查看
今天公司做容灾测试的2台LINUX服务器的SSH相互认证出现了问题,重建公密钥老是提示输入密码。
最后发现,可能是由于谁修改了/home/dbra3的权限(没修改前是777,我改后为了700)
[dbra3@hzmc .ssh]$ chmod 700 ~/.ssh
[dbra3@hzmc .ssh]$ /usr/bin/ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/dbra3/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/dbra3/.ssh/id_rsa.
Your public key has been saved in /home/dbra3/.ssh/id_rsa.pub.
The key fingerprint is:
5d:ec:ad:a3:0e:29:4b:2a:f6:67:2e:da:41:09:0e:2c dbra3@hzmc
The key's randomart image is:
+--[ RSA 2048]----+
| |
|. . |
|E.. o |
|.o . . . o . |
| . o S . . . |
| . . . |
| . o o o |
| o..+oo . . . |
| ..++=o .o |
+-----------------+
[dbra3@hzmc .ssh]$ touch ~/.ssh/authorized_keys
[dbra3@hzmc .ssh]$ ssh 172.16.4.28
The authenticity of host '172.16.4.28 (172.16.4.28)' can't be established.
RSA key fingerprint is 4d:51:34:7e:e8:18:58:b2:0f:f9:14:78:7d:da:3e:fb.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.16.4.28' (RSA) to the list of known hosts.
dbra3@172.16.4.28's password:
[dbra3@hzmc ~]$ su - root
Password:
[root@hzmc ~]# cd /home
[root@hzmc home]# ls -l
drwxrwxrwx 5 dbra3 dbra3 4096 Dec 30 2009 dbra3
drwxrwxrwx 2 root root 16384 Sep 22 2009 lost+found
drwxrwxrwx 14 ora10g oinstall 4096 Dec 29 2009 ora10g
drwxrwxrwx 18 oracle oinstall 4096 Dec 16 2009 oracle
[root@hzmc home]# chmod 700 dbra3
[root@hzmc home]#su - dbra3
[dbra3@hzmc]$cd .ssh
[dbra3@hzmc .ssh]$ chmod 644 ~/.ssh/authorized_keys
就这样,ssh相互认证就可以了
最后发现,可能是由于谁修改了/home/dbra3的权限(没修改前是777,我改后为了700)
[dbra3@hzmc .ssh]$ chmod 700 ~/.ssh
[dbra3@hzmc .ssh]$ /usr/bin/ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/dbra3/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/dbra3/.ssh/id_rsa.
Your public key has been saved in /home/dbra3/.ssh/id_rsa.pub.
The key fingerprint is:
5d:ec:ad:a3:0e:29:4b:2a:f6:67:2e:da:41:09:0e:2c dbra3@hzmc
The key's randomart image is:
+--[ RSA 2048]----+
| |
|. . |
|E.. o |
|.o . . . o . |
| . o S . . . |
| . . . |
| . o o o |
| o..+oo . . . |
| ..++=o .o |
+-----------------+
[dbra3@hzmc .ssh]$ touch ~/.ssh/authorized_keys
[dbra3@hzmc .ssh]$ ssh 172.16.4.28
The authenticity of host '172.16.4.28 (172.16.4.28)' can't be established.
RSA key fingerprint is 4d:51:34:7e:e8:18:58:b2:0f:f9:14:78:7d:da:3e:fb.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.16.4.28' (RSA) to the list of known hosts.
dbra3@172.16.4.28's password:
[dbra3@hzmc ~]$ su - root
Password:
[root@hzmc ~]# cd /home
[root@hzmc home]# ls -l
drwxrwxrwx 5 dbra3 dbra3 4096 Dec 30 2009 dbra3
drwxrwxrwx 2 root root 16384 Sep 22 2009 lost+found
drwxrwxrwx 14 ora10g oinstall 4096 Dec 29 2009 ora10g
drwxrwxrwx 18 oracle oinstall 4096 Dec 16 2009 oracle
[root@hzmc home]# chmod 700 dbra3
[root@hzmc home]#su - dbra3
[dbra3@hzmc]$cd .ssh
[dbra3@hzmc .ssh]$ chmod 644 ~/.ssh/authorized_keys
就这样,ssh相互认证就可以了
相关文章推荐
- ssh-keygen的使用方法及配置authorized_keys两台linux机器相互认证
- ssh-keygen使用及配置authorized_keys两台linux机器相互认证
- ssh-keygen的使用方法及配置authorized_keys两台linux机器相互认证
- ssh配置authorized_keys后仍然需要输入密码的问题
- 解决ssh添加用户公钥到~/.ssh/authorized_keys文件后任然无法无密码登录的问题
- ssh配置authorized_keys后仍然需要输入密码的问题
- Linux 相互认证 authorized_keys
- ssh配置authorized_keys后仍然需要…
- 解决ssh或ftp下root用户认证失败问题
- chmod 600 .ssh/authorized_keys修改权限
- chmod 600 .ssh/authorized_keys修改权限
- SSH无需输密码的认证问题
- hadoop集群搭建的无密登陆(密钥)---ssh(ssh-keygen -t rsa;scp ../id_rsa.pub >> ./authorized_keys)
- ubuntu 下 virt-manager 的 ssh认证问题
- linux SSH rsa认证方式登录需理清的问题
- 解决Ubuntu重装系统后,导致SSH认证失败的问题
- ssh-copy-id直接发送到对方主机的authorized_keys
- Hadoop集群中关于SSH认证权限的问题
- Shiro整合SSH开发3:配置Shiro认证后页面地址跳转问题(和详述不配置需要注意的问题)
- 配置ORACLE用户的ssh authorized keys