23,120
社区成员
发帖
与我相关
我的任务
分享求助!使用ssh public key登录,root用户成功,普通用户失败!
有两台机器host1, host2,都 是linux系统,
使用SSH 的public key 从host1向host2登录。
我的做法如下:
在host1上:
# ssh-keygen -t dsa -b 1024
#scp ~/.ssh/id_sda.pub root@host2:/root/tmp.pub
#scp ~/.ssh/id_sda.pub CommonUser@host2:/home/CommonUser/tmp.pub
在host2上:
#cd /root
#cat tmp.pub>>~/.ssh/authorized_keys2
#su CommonUser
#cd
#cat tmp.pub>>~/.ssh/authorized_keys
#cat tmp.pub>>~/.ssh/authorized_keys2
在host1:
#ssh -i ~/.ssh/id_sda root@host2 // 成功!
#ssh -i ~/.ssh/id_sda CommonUser@host2 //失败!!
为什么用普通用户登录失败呢?
哪位大虾能帮我解一下惑么?
使用SSH 的public key 从host1向host2登录。
我的做法如下:
在host1上:
# ssh-keygen -t dsa -b 1024
#scp ~/.ssh/id_sda.pub root@host2:/root/tmp.pub
#scp ~/.ssh/id_sda.pub CommonUser@host2:/home/CommonUser/tmp.pub
在host2上:
#cd /root
#cat tmp.pub>>~/.ssh/authorized_keys2
#su CommonUser
#cd
#cat tmp.pub>>~/.ssh/authorized_keys
#cat tmp.pub>>~/.ssh/authorized_keys2
在host1:
#ssh -i ~/.ssh/id_sda root@host2 // 成功!
#ssh -i ~/.ssh/id_sda CommonUser@host2 //失败!!
为什么用普通用户登录失败呢?
哪位大虾能帮我解一下惑么?
...全文
请发表友善的回复…
发表回复
ymfighting 2010-07-09
- 打赏
- 举报
将host2上的openssl, openssh都升级到同host1同样的版本
对于新创建的普通用户就可以了
但是对于原有的用户还是不行
对于新创建的普通用户就可以了
但是对于原有的用户还是不行
steptodream 2010-07-08
- 打赏
- 举报
[cnpdl@host1 ~]$ ssh -i ~/.ssh/id_dsa CommonUser@host2
The authenticity of host 'host2 (10.x.x.x)' can't be established.
RSA key fingerprint is bd:51:a6:37:ce:da:48:9c:27:61:a4:eb:27:d9:ac:cc.
Are you sure you want to continue connecting (yes/no)? yes
这个接下来呢信息呢?
我一会去测试一下
我一般不同的用户用不同的密钥对
The authenticity of host 'host2 (10.x.x.x)' can't be established.
RSA key fingerprint is bd:51:a6:37:ce:da:48:9c:27:61:a4:eb:27:d9:ac:cc.
Are you sure you want to continue connecting (yes/no)? yes
这个接下来呢信息呢?
我一会去测试一下
我一般不同的用户用不同的密钥对
ymfighting 2010-07-08
- 打赏
- 举报
host1上没有CommonUser, 但我试过添加一个CommonUser也还是不行。
我把know_hosts去掉再连报这样的错:
[cnpdl@host1 ~]$ ssh -i ~/.ssh/id_dsa CommonUser@host2
The authenticity of host 'host2 (10.x.x.x)' can't be established.
RSA key fingerprint is bd:51:a6:37:ce:da:48:9c:27:61:a4:eb:27:d9:ac:cc.
Are you sure you want to continue connecting (yes/no)? yes
我把know_hosts去掉再连报这样的错:
[cnpdl@host1 ~]$ ssh -i ~/.ssh/id_dsa CommonUser@host2
The authenticity of host 'host2 (10.x.x.x)' can't be established.
RSA key fingerprint is bd:51:a6:37:ce:da:48:9c:27:61:a4:eb:27:d9:ac:cc.
Are you sure you want to continue connecting (yes/no)? yes
steptodream 2010-07-08
- 打赏
- 举报
有点绕
你这样试试
把~/.ssh/known_hosts删除
你的host1上有CommonUser用户吗?
你这样试试
把~/.ssh/known_hosts删除
你的host1上有CommonUser用户吗?
steptodream 2010-07-08
- 打赏
- 举报
我的也是4.3
ymfighting 2010-07-08
- 打赏
- 举报
我想可能是版本的原因,
host1 上openssh的版本是4.3, host2是3.9
host1登录另外一台同样版本的机器就可以。
我升级一下host2的版本,回来告诉大家结果
host1 上openssh的版本是4.3, host2是3.9
host1登录另外一台同样版本的机器就可以。
我升级一下host2的版本,回来告诉大家结果
steptodream 2010-07-08
- 打赏
- 举报
我在默认的设置文件上 只改了4句
PermitRootLogin no
PasswordAuthentication no
UsePAM yes
AllowUsers xxxx
PermitRootLogin no
PasswordAuthentication no
UsePAM yes
AllowUsers xxxx
steptodream 2010-07-08
- 打赏
- 举报
[Quote=引用 7 楼 ymfighting 的回复:]
因为那段代码是我手敲上去的,手误,提示符实际是$
steptodream,可不可给我看一下你的配置文件
[/Quote]
sshd_config?
因为那段代码是我手敲上去的,手误,提示符实际是$
steptodream,可不可给我看一下你的配置文件
[/Quote]
sshd_config?
ymfighting 2010-07-08
- 打赏
- 举报
因为那段代码是我手敲上去的,手误,提示符实际是$
steptodream,可不可给我看一下你的配置文件
steptodream,可不可给我看一下你的配置文件
netxuning 2010-07-08
- 打赏
- 举报
学习 帮顶!
steptodream 2010-07-08
- 打赏
- 举报
我测试了 完全没问题啊
#su CommonUser
#cd
#cat tmp.pub>>~/.ssh/authorized_keys
#cat tmp.pub>>~/.ssh/authorized_keys2
---------------
你不是已经su到CommonUser用户了吗 提示符为什么还是#
你确认一下host2上面公钥的权限!
#su CommonUser
#cd
#cat tmp.pub>>~/.ssh/authorized_keys
#cat tmp.pub>>~/.ssh/authorized_keys2
---------------
你不是已经su到CommonUser用户了吗 提示符为什么还是#
你确认一下host2上面公钥的权限!
ymfighting 2010-07-08
- 打赏
- 举报
接下来就要求用password分录了。
debug的调试信息如下:
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
No credentials cache found
debug1: Unspecified GSS failure. Minor code may provide more information
No credentials cache found
debug1: Unspecified GSS failure. Minor code may provide more information
No credentials cache found
debug1: Next authentication method: publickey
debug1: Offering public key: /root/.ssh/id_rsa
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Next authentication method: password
CommonUser@host2's password:
debug的调试信息如下:
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
No credentials cache found
debug1: Unspecified GSS failure. Minor code may provide more information
No credentials cache found
debug1: Unspecified GSS failure. Minor code may provide more information
No credentials cache found
debug1: Next authentication method: publickey
debug1: Offering public key: /root/.ssh/id_rsa
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Next authentication method: password
CommonUser@host2's password:
