can*_*sin 56 passwords ssh networking openssh login
编辑:准确地完成所做的事情
我需要SSH本地主机没有密码,通常的方式(使用公钥)不起作用.
user@PC:~$ rm -rf .ssh/*
user@PC:~$ ssh-keygen -t rsa > /dev/null
Enter file in which to save the key (/home/user/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
user@PC:~$ ls .ssh/
id_rsa id_rsa.pub
user@PC:~$ ssh-copy-id -i localhost
The authenticity of host 'localhost (::1)' can't be established.
RSA key fingerprint is f7:87:b5:4e:31:a1:72:11:8e:5f:d2:61:bd:b3:40:1a.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (RSA) to the list of known hosts.
user@localhost's password:
Now try logging into the machine, with "ssh 'localhost'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
user@PC:~$ ssh-agent $SHELL
user@PC:~$ ssh-add -L
The agent has no identities.
user@PC:~$ ssh-add
Identity added: /home/user/.ssh/id_rsa (/home/user/.ssh/id_rsa)
user@PC:~$ ssh-add -L
ssh-rsa ...MY KEY HERE
user@PC:~$ ssh-copy-id -i localhost
user@localhost's password:
Now try logging into the machine, with "ssh 'localhost'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
user@PC:~$ ssh localhost echo 'testing'
user@localhost's password:
user@PC:~$
所以你可以在最后一个命令中看到它仍在询问密码!我该如何解决这个问题?Ubuntu-10.04,OpenSSH_5.3p1
EDIT2:
添加一些关于sshd的信息
user@PC:~$ cat /etc/ssh/sshd_config | grep Authentication
# Authentication:
RSAAuthentication yes
PubkeyAuthentication yes
RhostsRSAAuthentication no
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
ChallengeResponseAuthentication no
# PasswordAuthentication yes
EDIT3:来自$ ssh -vv localhost的结果
$ssh -vv localhost
...
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/user/.ssh/identity
debug1: Offering public key: /home/user/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/user/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
user@localhost's password:
小智 138
我做了以下3个步骤来创建密码少登录
1. ssh-keygen -t rsa
Press enter for each line
2. cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
3. chmod og-wx ~/.ssh/authorized_keys
can*_*sin 17
发现了这个问题.
使用debuging运行服务器:
$sshd -Dd
我发现它无法读取auth_key
$chmod 750 $HOME
固定它.
shi*_*ipr 13
另一个可能的答案:authorized_keys文件可能存在且可读.但如果它是组或世界可写的,它仍然会提示输入密码.这个问题的答案是
chmod og-wx ~/.ssh/authorized_keys
执行以下步骤
ssh-keygen -t rsa -C "your_email@example.com"
# Creates a new ssh key, using the provided email as a label
# Generating public/private rsa key pair.
使用默认文件和空密码(只需在接下来的两个步骤中按Enter键)
# start the ssh-agent in the background
eval "$(ssh-agent -s)"
# Agent pid 59566
ssh-add
将〜/ .ssh/id_rsa.pub的内容复制到〜/ .ssh/authorized_keys
确保以下是权限
ls -l .ssh/
total 20
-rw-r--r--. 1 swati swati 399 May 5 14:53 authorized_keys
-rw-r--r--. 1 swati swati 761 Jan 12 15:59 config
-rw-------. 1 swati swati 1671 Jan 12 15:44 id_rsa
-rw-r--r--. 1 swati swati 399 Jan 12 15:44 id_rsa.pub
-rw-r--r--. 1 swati swati 410 Jan 12 15:46 known_hosts
另外,请确保.ssh目录的权限.这也很重要
drwx------. 2 swati swati 4096 May 5 14:56 .ssh
两个简单步骤:
ssh-keygen -t rsa <Press enter for each line>
ssh-copy-id localhost
输入密码,您就完成了。