fli*_*fly 5 linux ssh openssh permissions ubuntu
当我从 termserv 登录到任何其他服务器时,ssh 要求我验证主机指纹。然后它警告我它添加了它并继续前进。如果我立即注销并重新登录,这种情况会再次发生。我尝试清空known_hosts 文件,检查权限并重试。known_hosts 文件保持空白。在报告将指纹添加到已知主机和要求我提供密钥密码之间存在明显的停顿。
me@termserv:$ ssh me@10.0.X.X
The authenticity of host '10.0.X.X (10.0.X.X)' can't be established.
ECDSA key fingerprint is d4:a2:cf:42:0b:01:xx:e5:xx:7a:xx:93:xx:53:xx:b4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.0.X.X' (ECDSA) to the list of known hosts.
Enter passphrase for key '/home/me/.ssh/id_rsa':
Welcome to Ubuntu 12.04.2 LTS (GNU/Linux 3.2.0-23-generic x86_64)
...
me@10.0.X.X:$
我检查了驱动器空间问题。在我的主分区(没有特殊的 /home)上,我的使用率只有 3%。我的系统日志没有显示任何相关内容。如果我使用 -vvv 运行 ssh,则在询问我是否要连接和警告我它已永久添加到已知主机(我们已确定这是一个谎言)之间我不会获得任何额外信息。
我尝试在 OpenSSH webCVS 存储库中搜索其中一些短语,但没有通过 google 站点找到它:搜索。
.ssh目录权限是me:me drwx------
.ssh/known_hosts权限已经me:me -rw-r--r--和-rw-------
这是正在发生的事情的一个轨迹。我只包含了我说“是”添加它和它说它已经添加它之间的部分。
strace -o sshtrace ssh localhost
write(4, "The authenticity of host 'localh"..., 200) = 200
read(4, "y", 1) = 1
read(4, "e", 1) = 1
read(4, "s", 1) = 1
read(4, "\n", 1) = 1
rt_sigaction(SIGALRM, {SIG_DFL, [], SA_RESTORER, 0x7fc73374d4a0}, NULL, 8) = 0
rt_sigaction(SIGHUP, {SIG_DFL, [], SA_RESTORER, 0x7fc73374d4a0}, NULL, 8) = 0
rt_sigaction(SIGINT, {SIG_DFL, [], SA_RESTORER, 0x7fc73374d4a0}, NULL, 8) = 0
rt_sigaction(SIGQUIT, {SIG_DFL, [], SA_RESTORER, 0x7fc73374d4a0}, NULL, 8) = 0
rt_sigaction(SIGPIPE, {SIG_IGN, [], SA_RESTORER, 0x7fc73374d4a0}, NULL, 8) = 0
rt_sigaction(SIGTERM, {SIG_DFL, [], SA_RESTORER, 0x7fc73374d4a0}, NULL, 8) = 0
rt_sigaction(SIGTSTP, {SIG_DFL, [], SA_RESTORER, 0x7fc73374d4a0}, NULL, 8) = 0
rt_sigaction(SIGTTIN, {SIG_DFL, [], SA_RESTORER, 0x7fc73374d4a0}, NULL, 8) = 0
rt_sigaction(SIGTTOU, {SIG_DFL, [], SA_RESTORER, 0x7fc73374d4a0}, NULL, 8) = 0
close(4) = 0
open("/dev/null", O_WRONLY|O_CREAT|O_APPEND, 0666) = 4
fstat(4, {st_mode=S_IFCHR|0666, st_rdev=makedev(1, 3), ...}) = 0
ioctl(4, SNDCTL_TMR_TIMEBASE or TCGETS, 0x7ffff63c12c8) = -1 ENOTTY (Inappropriate ioctl for device)
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc734b64000
fstat(4, {st_mode=S_IFCHR|0666, st_rdev=makedev(1, 3), ...}) = 0
lseek(4, 0, SEEK_END) = 0
write(4, "|1|qcJVRUE6IlxxxxxBvjBgHiiov4/8=|"..., 222) = 222
close(4) = 0
munmap(0x7fc734b64000, 4096) = 0
write(2, "Warning: Permanently added 'loca"..., 76) = 76`
SSH 客户端认为您的known_hosts 文件的路径是/dev/null:
open("/dev/null", O_WRONLY|O_CREAT|O_APPEND, 0666) = 4
[...]
write(4, "|1|qcJVRUE6IlxxxxxBvjBgHiiov4/8=|"..., 222) = 222
检查~/.ssh/config以及可能/etc/ssh/ssh_config或同等内容;似乎其中一个可能包含虚假内容。
| 归档时间: |
|
| 查看次数: |
7802 次 |
| 最近记录: |