在一台运行 CentOS v6.2 的完全相同的目标机器上,我在我的 Macbook 和另一台 Ubuntu 机器上执行了相同的程序集。 Macbook ssh login-less 现在工作完美,但 Ubuntu 服务器仍然无法无密码连接到目标机器。这是我所做的:
KEYNAME=~/.ssh/foo_key
# generate a new key
ssh-keygen -t rsa -f ${KEYNAME}
# fix permissions
chmod 600 ${KEYNAME}.pub ${KEYNAME}
# add key
eval `ssh-agent -s`
eval "$(ssh-agent)"
ssh-add ${KEYNAME}
# copy key to target machine foo
cat ${KEYNAME}.pub | ssh foo "cat - >> ~/.ssh/authorized_keys"
cat ${KEYNAME}.pub | ssh foo "cat - >> ~/.ssh/authorized_keys2"
2- 然后我将键名添加到 Macbook 和 Ubuntu 的 ~/.ssh/config 文件中。
3- 我确保将目标机器 ~/.ssh
和 ~/.ssh/authorized*
权限修复为 700/750。
一些其他信息:
Ubuntu ssh 版本是:
OpenSSH_5.9p1 Debian-5ubuntu1.1, OpenSSL 1.0.1 2012 年 3 月 14 日
Macbook ssh 版本是:
OpenSSH_6.2p2, OSSLShim 0.9.8r 2011 年 12 月 8 日
objective-c entOS v6.2 ssh 版本是:
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 2013 年 2 月 11 日
这是 ssh -v foo
的结果:
OpenSSH_5.9p1 Debian-5ubuntu1.1, OpenSSL 1.0.1 14 Mar 2012
debug1: Reading configuration data /home/ashouri/.ssh/config
debug1: /home/ashouri/.ssh/config line 1: Applying options for *
debug1: /home/ashouri/.ssh/config line 5: Applying options for eecis
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to hoek.eecis.udel.edu [128.4.31.39] port 22.
debug1: Connection established.
debug1: identity file /home/ashouri/.ssh/cavazos_lab.pub type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/ashouri/.ssh/cavazos_lab.pub-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA d5:d6:53:4c:41:81:3b:28:41:ef:8b:97:d9:19:3b:dd
debug1: Host 'hoek.eecis.udel.edu' is known and matches the RSA host key.
debug1: Found key in /home/ashouri/.ssh/known_hosts:7
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password,hostbased
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_1005' not found
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_1005' not found
debug1: Unspecified GSS failure. Minor code may provide more information
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_1005' not found
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/ashouri/.ssh/cavazos_lab.pub
debug1: key_parse_private_pem: PEM_read_PrivateKey failed
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password,hostbased
debug1: Next authentication method: password
谁能告诉我为什么会这样?
最佳答案
上网一个小时后,我找到了一个帖子Here其中陈述了解决问题的技巧;只需要在 ~/.ssh/config 中删除对公钥文件作为身份的引用,而是指向私钥。 (只需从行中删除 .pub
段)。就这些!
关于ubuntu - 在 ssh 登录时仍然被要求输入密码,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/27304222/