openssh服务器配置免密登录不起作用- Community

[3rd-Party Apps] openssh服务器配置免密登录不起作用 Resolved

Product Feedback 461 views · 4 replies ·

tccxy

deepin

2023-07-12 23:36

Author

使用密码登录是可以的


 ✘ ⚡ root@LAPTOP-A23I5FN9  ~/.ssh  ssh [email protected]
[email protected]'s password:
验证成功
Welcome to Deepin 20.9 GNU/Linux

    * Homepage:https://www.deepin.org/

    * Bugreport:https://bbs.deepin.org/


Last login: Wed Jul 12 15:15:01 2023 from 192.168.31.113

生成公钥并copy到deep上如下

⚡ root@LAPTOP-A23I5FN9  ~/.ssh  ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:WigyqnGDVhBr/dxq2S9T5qaWzpoZRYCizjyd1mzyd1o root@LAPTOP-A23I5FN9
The key's randomart image is:
+---[RSA 3072]----+
| .  ..           |
| .+.  .          |
|.+..   .         |
|o . o o.         |
|+ +.=o.oS        |
| B.B ==o o       |
|+.= +=..=E       |
|oo ...=*o+       |
|.    +==B.       |
+----[SHA256]-----+
 ⚡ root@LAPTOP-A23I5FN9  ~/.ssh  ssh-copy-id [email protected]
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.31.190 (192.168.31.190)' can't be established.
ECDSA key fingerprint is SHA256:EIWU5OWtieipNkwHTRqRoHU/10+l7w2VrEdZtwknPl8.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
[email protected]'s password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '[email protected]'"
and check to make sure that only the key(s) you wanted were added.

依然无法免密登录，直接将公钥文件放到.ssh/下也不行,md5校验文件也没错

ZwDeep@ZwDeep-PC:~/.ssh$ ls
authorized_keys
ZwDeep@ZwDeep-PC:~/.ssh$ cat authorized_keys 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDw/iYXeWeXAC6hev5QwKZdPNlITLn6+V1JZ5NzPm/Tzo/SW5NkvCbACrd8OQhnB6YVjajHT2nLW4/eB42HXvUpFGE0/Ge5xIlMUFz/+YG2zVQauCE8NTvEfMGjRf7syfwVtECtPwhueT3hwED1IKTnap5Hv56TFeMQPbs7rVwUKrfe/diph13nXqFTMTd1yTyMVePtUlJkqvzm/03c7RLctYMpkbtN+AgG/wtk/E6YaB9LxqWgPdVtl36ZNZWAQ3swyXAE302L/KaJZGN4WVFclI6E8DpOkQyAyh7XwMEzS8ryz6BxjgoVqXifDDwZ6FLATtUQuhMDhjcLs5dWKOStmuqzKeS/WT63oJWXlhn7VBzCe76Ol3Nvw26prLNoHyWSYNGYjU3WuJ+OlJQ/AOptHJufJy05pnmNZgvvAcSjTiUyztADhCUV/G9ZsB4Gi5esxSRBdxTXe39VCPWZNk4xmXIDc813KvAmtja2i8zHecCn2l3Wq9r0q2eMbPcBXqU= root@LAPTOP-A23I5FN9
ZwDeep@ZwDeep-PC:~/.ssh$ md5sum authorized_keys 
2b3f5425b7b2ba425da406ad44b65166  authorized_keys
ZwDeep@ZwDeep-PC:~/.ssh$ ls -la
总用量 12
drwxrwxrwx  2 ZwDeep ZwDeep 4096 7月  12 15:23 .
drwxr-x--- 25 ZwDeep ZwDeep 4096 7月  12 15:18 ..
-rw-------  1 ZwDeep ZwDeep  574 7月  12 15:23 authorized_keys
ZwDeep@ZwDeep-PC:~/.ssh$

Reply Like 0 Favorite View the author

All Replies

owen_337

deepin testing team

2023-07-12 23:45

楼主你好，这个需要两台机器均相互做生成公钥并copy，然后修改这个文件哈 sudo vim /etc/ssh/sshd_config，如下图进行修改，最后sudo systemctl start ssh就可以了哈

Reply Like 1 View the author

tccxy

deepin

2023-07-13 00:00

问题已经解决

创建.ssh的权限要给成700

drwx------  2 ZwDeep ZwDeep  4096 7月  12 15:57 .ssh

Reply Like 0 View the author

tccxy

deepin

2023-07-13 00:03

owen_337：

我这边没有开root的ssh权限，只是普通用户就行

刚刚装了个deep，之前一直是ubuntu用户，给你们点赞哈！感觉比ubuntu要好用，

之前ubuntu应该是装包时候自动创建的.ssh目录，一直也没注意过

我自己创建了后给了777的权限，结果总是不行

后面把权限给成700就行了，具体的原因我也不清楚了

Reply Like 0 View the author

deepinuser17

deepin

2023-07-13 07:08

777的权限违反了OpenSSH的安全限制. 777的权限可以让任何账户修改高度敏感的文件. 在授权时, ssh会查看权限是否合理. 如果不合理, 立即中断连接. 如果查看/var/log/auth.log, 会看到出错信息.

另外, /home/<用户>的权限也不能设为777. 否则同样ssh无法连接.

Reply Like 2 View the author

New Thread

Popular Ranking

Change

Popular Events