V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
Distributions
Ubuntu
Fedora
CentOS
中文资源站
网易开源镜像站
XyCinus
V2EX  ›  Linux

ssh 公钥认证只有 root 成功,其他用户却没法公钥认证,请问这可能是什么情况啊?

  •  
  •   XyCinus · 2015-10-31 23:51:44 +08:00 · 12683 次点击
    这是一个创建于 3305 天前的主题,其中的信息可能已经有所发展或是发生改变。

    是有除了在~/.ssh/authoried_keys 文件里面加入公钥以外还要在/etc/ssh/ 下的某个配置文件里面写入那些账户是能使用公钥认证的吗?
    主机是腾讯云上的 Centos6 x86_64
    麻烦大家帮忙分析一下,谢谢

    11 条回复    2015-11-01 12:08:23 +08:00
    c742435
        1
    c742435  
       2015-11-01 00:39:44 +08:00
    你是不是都加在 root 的~/.ssh/authoried_keys 目录下了
    每个账户的~是不同目录
    还有就是确保该账户能读取这个文件
    ryd994
        2
    ryd994  
       2015-11-01 05:03:40 +08:00
    @c742435 不仅要读取权限
    .ssh 权限必须是 700/500 authorized_keys 必须是 600/400
    XyCinus
        3
    XyCinus  
    OP
       2015-11-01 09:01:24 +08:00
    @c742435 我在需要使用公钥认证的账户里面都加入了公钥.
    @ryd994 现在我的.ssh 是 500,authorized_keys 是 600
    我贴一下 ssh -vv 的结果:
    OpenSSH_6.7p1 Debian-5, OpenSSL 1.0.1k 8 Jan 2015
    debug1: Reading configuration data /home/cxy/.ssh/config
    debug1: /home/cxy/.ssh/config line 1: Applying options for TX
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: /etc/ssh/ssh_config line 19: Applying options for *
    debug1: Hostname has changed; re-reading configuration
    debug1: Reading configuration data /home/cxy/.ssh/config
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: /etc/ssh/ssh_config line 19: Applying options for *
    debug2: ssh_connect: needpriv 0
    debug1: Connecting to 182.254.209.40 [182.254.209.40] port 2200.
    debug1: Connection established.
    debug1: identity file /home/cxy/.ssh/id_rsa type 1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/cxy/.ssh/id_rsa-cert type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/cxy/.ssh/id_dsa type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/cxy/.ssh/id_dsa-cert type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/cxy/.ssh/id_ecdsa type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/cxy/.ssh/id_ecdsa-cert type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/cxy/.ssh/id_ed25519 type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/cxy/.ssh/id_ed25519-cert type -1
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Debian-5
    debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
    debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
    debug2: fd 3 setting O_NONBLOCK
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug2: kex_parse_kexinit: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
    debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-rsa,ssh-dss
    debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],[email protected],arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
    debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],[email protected],arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
    debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1,[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1,[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: none,[email protected],zlib
    debug2: kex_parse_kexinit: none,[email protected],zlib
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit: first_kex_follows 0
    debug2: kex_parse_kexinit: reserved 0
    debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
    debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
    debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
    debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
    debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: none,[email protected]
    debug2: kex_parse_kexinit: none,[email protected]
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit: first_kex_follows 0
    debug2: kex_parse_kexinit: reserved 0
    debug2: mac_setup: setup [email protected]
    debug1: kex: server->client aes128-ctr [email protected] none
    debug2: mac_setup: setup [email protected]
    debug1: kex: client->server aes128-ctr [email protected] none
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    debug2: bits set: 1547/3072
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    debug1: Server host key: RSA 90:c1:b4:87:e3:29:df:bd:1e:f6:42:8a:89:b7:86:01
    debug1: checking without port identifier
    debug1: Host '182.254.209.40' is known and matches the RSA host key.
    debug1: Found key in /home/cxy/.ssh/known_hosts:16
    debug1: found matching key w/out port
    debug2: bits set: 1504/3072
    debug2: kex_derive_keys
    debug2: set_newkeys: mode 1
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug2: set_newkeys: mode 0
    debug1: SSH2_MSG_NEWKEYS received
    debug1: Roaming not allowed by server
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug2: service_accept: ssh-userauth
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug2: key: /home/cxy/.ssh/id_rsa (0x7fdb50042e60),
    debug2: key: /home/cxy/.ssh/id_dsa ((nil)),
    debug2: key: /home/cxy/.ssh/id_ecdsa ((nil)),
    debug2: key: /home/cxy/.ssh/id_ed25519 ((nil)),
    debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
    debug1: Next authentication method: gssapi-keyex
    debug1: No valid Key exchange context
    debug2: we did not send a packet, disable method
    debug1: Next authentication method: gssapi-with-mic
    debug1: Unspecified GSS failure. Minor code may provide more information
    No Kerberos credentials available

    debug1: Unspecified GSS failure. Minor code may provide more information
    No Kerberos credentials available

    debug1: Unspecified GSS failure. Minor code may provide more information


    debug1: Unspecified GSS failure. Minor code may provide more information
    No Kerberos credentials available

    debug2: we did not send a packet, disable method
    debug1: Next authentication method: publickey
    debug1: Offering RSA public key: /home/cxy/.ssh/id_rsa
    debug2: we sent a publickey packet, wait for reply
    debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
    debug1: Trying private key: /home/cxy/.ssh/id_dsa
    debug1: Trying private key: /home/cxy/.ssh/id_ecdsa
    debug1: Trying private key: /home/cxy/.ssh/id_ed25519
    debug2: we did not send a packet, disable method
    debug1: Next authentication method: password
    ryd994
        4
    ryd994  
       2015-11-01 09:10:19 +08:00
    你要贴 sshd 的日志啊, ssh 的不会说原因的
    XyCinus
        5
    XyCinus  
    OP
       2015-11-01 09:31:46 +08:00
    @ryd994 这个是 /var/log/secure 文件的信息.不知道是不是这个,但是这个信息更少,只有一条密码错误和密码正确
    Nov 1 09:22:43 localhost sshd[2242]: Connection closed by 113.140.84.101
    Nov 1 09:23:00 localhost sshd[2243]: Failed password for cxy from 113.140.28.66 port 16310 ssh2
    Nov 1 09:23:06 localhost sshd[2243]: Accepted password for cxy from 113.140.28.66 port 16310 ssh2
    Nov 1 09:23:50 localhost sudo: cxy : TTY=pts/1 ; PWD=/home/cxy ; USER=root ; COMMAND=/usr/bin/tail -F /var/log/secure-20151101
    Nov 1 09:24:23 localhost sudo: cxy : TTY=pts/1 ; PWD=/home/cxy ; USER=root ; COMMAND=/bin/cat /var/log/secure
    Nov 1 09:26:10 localhost sudo: cxy : TTY=pts/2 ; PWD=/home/cxy ; USER=root ; COMMAND=/bin/cat /var/log/secure /var/log/secure-20151022 /var/log/secure-20151025 /var/log/secure-20151101
    Nov 1 09:27:01 localhost sudo: cxy : TTY=pts/2 ; PWD=/home/cxy ; USER=root ; COMMAND=/bin/cat /var/log/secure-20151101
    Nov 1 09:29:02 localhost sudo: cxy : TTY=pts/2 ; PWD=/home/cxy ; USER=root ; COMMAND=/sbin/service sshd restart
    Nov 1 09:29:02 localhost sshd[1019]: Received signal 15; terminating.
    Bardon
        6
    Bardon  
       2015-11-01 10:20:49 +08:00
    看不出结果

    ssh xxx@xxx -vvv 结果,贴出 debug3 的日志
    Bardon
        7
    Bardon  
       2015-11-01 10:25:04 +08:00
    或者,服务端 sshd_config 中加入
    AllowUsers username
    Bardon
        8
    Bardon  
       2015-11-01 10:39:56 +08:00
    debug1: identity file /home/cxy/.ssh/id_rsa type 1
    debug1: key_load_public: No such file or directory
    ......
    XyCinus
        9
    XyCinus  
    OP
       2015-11-01 10:46:57 +08:00
    @Bardon 在我本机是有 home/cxy/.ssh/id_rsa 的.远端上也有 publuc key , root 和普通用户的家目录都有,因为 root 是能够使用公钥登录的.
    一下是 ssh -vvv 的信息:
    OpenSSH_6.7p1 Debian-5, OpenSSL 1.0.1k 8 Jan 2015
    debug1: Reading configuration data /home/cxy/.ssh/config
    debug1: /home/cxy/.ssh/config line 1: Applying options for TX
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: /etc/ssh/ssh_config line 19: Applying options for *
    debug1: Hostname has changed; re-reading configuration
    debug1: Reading configuration data /home/cxy/.ssh/config
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: /etc/ssh/ssh_config line 19: Applying options for *
    debug2: ssh_connect: needpriv 0
    debug1: Connecting to 182.254.209.40 [182.254.209.40] port 2200.
    debug1: Connection established.
    debug1: identity file /home/cxy/.ssh/id_rsa type 1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/cxy/.ssh/id_rsa-cert type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/cxy/.ssh/id_dsa type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/cxy/.ssh/id_dsa-cert type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/cxy/.ssh/id_ecdsa type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/cxy/.ssh/id_ecdsa-cert type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/cxy/.ssh/id_ed25519 type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /home/cxy/.ssh/id_ed25519-cert type -1
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Debian-5
    debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
    debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
    debug2: fd 3 setting O_NONBLOCK
    debug3: put_host_port: [182.254.209.40]:2200
    debug3: load_hostkeys: loading entries for host "[182.254.209.40]:2200" from file "/home/cxy/.ssh/known_hosts"
    debug3: load_hostkeys: found key type RSA in file /home/cxy/.ssh/known_hosts:1
    debug3: load_hostkeys: loaded 1 keys
    debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],ssh-rsa
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug2: kex_parse_kexinit: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
    debug2: kex_parse_kexinit: [email protected],[email protected],ssh-rsa,[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-dss
    debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],[email protected],arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
    debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],[email protected],arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
    debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1,[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1,[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: none,[email protected],zlib
    debug2: kex_parse_kexinit: none,[email protected],zlib
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit: first_kex_follows 0
    debug2: kex_parse_kexinit: reserved 0
    debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
    debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
    debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
    debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]
    debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: none,[email protected]
    debug2: kex_parse_kexinit: none,[email protected]
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit: first_kex_follows 0
    debug2: kex_parse_kexinit: reserved 0
    debug2: mac_setup: setup [email protected]
    debug1: kex: server->client aes128-ctr [email protected] none
    debug2: mac_setup: setup [email protected]
    debug1: kex: client->server aes128-ctr [email protected] none
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    debug2: bits set: 1563/3072
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    debug1: Server host key: RSA 90:c1:b4:87:e3:29:df:bd:1e:f6:42:8a:89:b7:86:01
    debug3: put_host_port: [182.254.209.40]:2200
    debug3: put_host_port: [182.254.209.40]:2200
    debug3: load_hostkeys: loading entries for host "[182.254.209.40]:2200" from file "/home/cxy/.ssh/known_hosts"
    debug3: load_hostkeys: found key type RSA in file /home/cxy/.ssh/known_hosts:1
    debug3: load_hostkeys: loaded 1 keys
    debug3: load_hostkeys: loading entries for host "[182.254.209.40]:2200" from file "/home/cxy/.ssh/known_hosts"
    debug3: load_hostkeys: found key type RSA in file /home/cxy/.ssh/known_hosts:1
    debug3: load_hostkeys: loaded 1 keys
    debug1: Host '[182.254.209.40]:2200' is known and matches the RSA host key.
    debug1: Found key in /home/cxy/.ssh/known_hosts:1
    debug2: bits set: 1548/3072
    debug2: kex_derive_keys
    debug2: set_newkeys: mode 1
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug2: set_newkeys: mode 0
    debug1: SSH2_MSG_NEWKEYS received
    debug1: Roaming not allowed by server
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug2: service_accept: ssh-userauth
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug2: key: /home/cxy/.ssh/id_rsa (0x7f353b34b1c0),
    debug2: key: /home/cxy/.ssh/id_dsa ((nil)),
    debug2: key: /home/cxy/.ssh/id_ecdsa ((nil)),
    debug2: key: /home/cxy/.ssh/id_ed25519 ((nil)),
    debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
    debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic,password
    debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
    debug3: authmethod_lookup gssapi-keyex
    debug3: remaining preferred: gssapi-with-mic,publickey,keyboard-interactive,password
    debug3: authmethod_is_enabled gssapi-keyex
    debug1: Next authentication method: gssapi-keyex
    debug1: No valid Key exchange context
    debug2: we did not send a packet, disable method
    debug3: authmethod_lookup gssapi-with-mic
    debug3: remaining preferred: publickey,keyboard-interactive,password
    debug3: authmethod_is_enabled gssapi-with-mic
    debug1: Next authentication method: gssapi-with-mic
    debug1: Unspecified GSS failure. Minor code may provide more information
    No Kerberos credentials available

    debug1: Unspecified GSS failure. Minor code may provide more information
    No Kerberos credentials available

    debug1: Unspecified GSS failure. Minor code may provide more information


    debug1: Unspecified GSS failure. Minor code may provide more information
    No Kerberos credentials available

    debug2: we did not send a packet, disable method
    debug3: authmethod_lookup publickey
    debug3: remaining preferred: keyboard-interactive,password
    debug3: authmethod_is_enabled publickey
    debug1: Next authentication method: publickey
    debug1: Offering RSA public key: /home/cxy/.ssh/id_rsa
    debug3: send_pubkey_test
    debug2: we sent a publickey packet, wait for reply
    debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
    debug1: Trying private key: /home/cxy/.ssh/id_dsa
    debug3: no such identity: /home/cxy/.ssh/id_dsa: No such file or directory
    debug1: Trying private key: /home/cxy/.ssh/id_ecdsa
    debug3: no such identity: /home/cxy/.ssh/id_ecdsa: No such file or directory
    debug1: Trying private key: /home/cxy/.ssh/id_ed25519
    debug3: no such identity: /home/cxy/.ssh/id_ed25519: No such file or directory
    debug2: we did not send a packet, disable method
    debug3: authmethod_lookup password
    debug3: remaining preferred: ,password
    debug3: authmethod_is_enabled password
    debug1: Next authentication method: password
    XyCinus
        10
    XyCinus  
    OP
       2015-11-01 10:57:19 +08:00
    @Bardon @c742435 @ryd994 谢谢大家,问题已经解决了
    昨天没法使用公钥认证的问题是.ssh 目录的权限是 770
    然而我一直没有找到问题所在,在 sshd_config 里面将这一项:
    AuthorizedKeysFile .ssh/authorized_keys 修改为了
    AuthorizedKeysFile ~/.ssh/authorized_keys
    所以在今天我修改权限以后,sshd 一直找不到该文件,今天看到了
    将其该回来了,于是就能够公钥认证了.
    我认为是在还没有登录以前 HOME 变量是不存在的,所以找不到~/.ssh/authorized_keys
    是我脑子抽了,谢谢大家
    LazyZhu
        11
    LazyZhu  
       2015-11-01 12:08:23 +08:00
    现在默认参数是:
    AuthorizedKeysFile %h/.ssh/authorized_keys
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   927 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 23ms · UTC 22:36 · PVG 06:36 · LAX 14:36 · JFK 17:36
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.