[英]Getting Permission denied (publickey) even having my public key on the authorized_keys server file
我不小心删除了本地计算机上的私钥和公钥。
因此,我使用以下方法创建了一个新对:
ssh-keygen -t rsa
并将id_rsa.pub的内容复制到服务器上的我的authorized_keys中(我可以以root用户身份登录,并且可以在authorized_keys文件中看到根公共密钥)。
但是,我一直在获得“拒绝权限”。 我已经检查了〜/ .ssh和授权密钥权限(分别设置为700和600)。
有任何想法吗?
谢谢!
当我尝试从本地计算机连接时,此处显示日志输出:
Aug 21 16:32:27 ip-xx-xx-xx-xx sshd[16635]: debug1: Forked child 27356.
Aug 21 16:32:27 ip-xx-xx-xx-xx sshd[27356]: Set /proc/self/oom_score_adj to 0
Aug 21 16:32:27 ip-xx-xx-xx-xx sshd[27356]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8
Aug 21 16:32:27 ip-xx-xx-xx-xx sshd[27356]: debug1: inetd sockets after dupping: 3, 3
Aug 21 16:32:27 ip-xx-xx-xx-xx sshd[27356]: Connection from 50.67.165.140 port 60112
Aug 21 16:32:27 ip-xx-xx-xx-xx sshd[27356]: debug1: Client protocol version 2.0; client software version OpenSSH_5.9p1 Debian-5ubuntu1.1
Aug 21 16:32:27 ip-xx-xx-xx-xx sshd[27356]: debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1.1 pat OpenSSH*
Aug 21 16:32:27 ip-xx-xx-xx-xx sshd[27356]: debug1: Enabling compatibility mode for protocol 2.0
Aug 21 16:32:27 ip-xx-xx-xx-xx sshd[27356]: debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1
Aug 21 16:32:27 ip-xx-xx-xx-xx sshd[27356]: debug1: permanently_set_uid: 105/65534 [preauth]
Aug 21 16:32:27 ip-xx-xx-xx-xx sshd[27356]: debug1: list_hostkey_types: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256 [preauth]
Aug 21 16:32:27 ip-xx-xx-xx-xx sshd[27356]: debug1: SSH2_MSG_KEXINIT sent [preauth]
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: debug1: SSH2_MSG_KEXINIT received [preauth]
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: debug1: kex: client->server aes128-ctr hmac-md5 none [preauth]
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: debug1: kex: server->client aes128-ctr hmac-md5 none [preauth]
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: debug1: SSH2_MSG_NEWKEYS sent [preauth]
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: debug1: expecting SSH2_MSG_NEWKEYS [preauth]
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: debug1: SSH2_MSG_NEWKEYS received [preauth]
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: debug1: KEX done [preauth]
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: debug1: userauth-request for user capistrano service ssh-connection method none [preauth]
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: debug1: attempt 0 failures 0 [preauth]
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: debug1: PAM: initializing for "capistrano"
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: debug1: PAM: setting PAM_RHOST to "s0106c8fb26427cda.vc.shawcable.net"
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: debug1: PAM: setting PAM_TTY to "ssh"
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: debug1: userauth-request for user capistrano service ssh-connection method publickey [preauth]
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: debug1: attempt 1 failures 0 [preauth]
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: debug1: test whether pkalg/pkblob are acceptable [preauth]
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: debug1: temporarily_use_uid: 1001/1001 (e=0/0)
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: debug1: trying public key file /home/capistrano/.ssh/authorized_keys
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: debug1: fd 4 clearing O_NONBLOCK
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: debug1: restore_uid: 0/0
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: Failed publickey for capistrano from <ip> port 60112 ssh2
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: Connection closed by <ip> [preauth]
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: debug1: do_cleanup [preauth]
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: debug1: monitor_read_log: child log fd closed
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: debug1: do_cleanup
Aug 21 16:32:28 ip-xx-xx-xx-xx sshd[27356]: debug1: PAM: cleanup
删除您的工作站的known_hosts条目,然后重试。 我将644用于authorized_keys。
涉及哪些用户和路径? 在标准的opensh设置中,远程用户的$ HOME / .ssh目录(ssh登录到的目录)是authorized_keys文件的正确位置。 但是,也可以将文件放在其他位置。
另外,检查文件所有权。 用户登录后必须拥有authorized_keys文件。
尝试/ var / log / messages或/ var / log / secure(失败尝试后的“ ls -ltr / var / log”可能有助于找出正确的日志文件),可能会提供详细信息。
如果所有其他方法均失败,则可以跟踪sshd进程以准确查看它们正在读取的文件。 这样做并非易事,但确实可以解决服务器操作的问题。
对我有用的是:
chmod 750 /home/user
chmod 700 /home/user/.ssh
chmod 644 /home/user/.ssh/authorized_keys
如果这不适合您,请尝试:
chmod 755 /home/user
好的,所以我知道了...问题是我正在将公共密钥添加到另一个用户目录上的authorized_keys文件中。 :S ..仍然感谢
将SSH密钥添加到authorized_keys:权限被拒绝(publickey)
[英]Adding SSH Key to authorized_keys: permission denied(publickey)
将公钥添加到服务器的authorized_keys文件后,是否应将其删除?
[英]Should I remove the public key after adding it to the server's authorized_keys file?
如何自动将ssh公钥添加到authorized_keys文件?
[英]How to auto add your ssh public key to the authorized_keys files?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.