我无法在 Mac OS X 10.9.5 Mavericks 机器上进行无密码登录。authorized_keys正确设置文件后,我可以登录到远程 Ubuntu 框。但是,我不能在那里反转。
所以我试图通过弄清楚我是否可以在没有密码的情况下执行此操作来对 Mac 设置进行故障排除:
ssh localhost
在我的 Ubuntu 机器上这样做很有效,但 Mac 一直要求输入密码。是的,我检查了authorized_keys文件和known_hosts文件,并确保id_rsa.pub密钥都存在于我的 Mac 中。但是localhost没有密码我无法通过 SSH 连接。
我阅读了其他帖子,例如这个帖子。
甚至在文件中启用了以下两个设置(通过删除它们前面的主题标签)sshd_config:
RSAAuthentication yes
PubKeyAuthentication yes
仍然被要求输入密码。
将authorized_key和known_hosts文件的副本放在etc 目录中。
仍然被要求输入密码。
我在 Stack Overflow 上提供了一个答案,解释了通过 SSH 设置无密码访问所需的分步过程。以下是适合您特定需求的说明。
首先,使用如下-v标志将 SSH 连接设置为详细模式:
ssh -v localhost
如ssh手册页中所述;可通过man ssh:
-v Verbose mode. Causes ssh to print debugging messages about its
progress. This is helpful in debugging connection, authentica-
tion, and configuration problems. Multiple -v options increase
the verbosity. The maximum is 3.
通过向我展示登录过程是如何流动的以及究竟是什么阻塞了它,这在过去为我节省了很多麻烦。例如,这是我在本地 Mac OS X 10.9.5 机器上运行该命令的输出:
ssh -v localhost
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: /etc/ssh_config line 53: Applying options for *
debug1: Connecting to localhost [::1] port 22.
debug1: Connection established.
debug1: identity file /Users/JakeGould/.ssh/id_rsa type 1
debug1: identity file /Users/JakeGould/.ssh/id_rsa-cert type -1
debug1: identity file /Users/JakeGould/.ssh/id_dsa type -1
debug1: identity file /Users/JakeGould/.ssh/id_dsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.2
debug1: match: OpenSSH_6.2 pat OpenSSH*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5-etm@openssh.com none
debug1: kex: client->server aes128-ctr hmac-md5-etm@openssh.com none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 01:aa:8e:8e:b9:e1:4b:e8:bd:c5:a2:20:a3:c7:f1:18
debug1: Host 'localhost' is known and matches the RSA host key.
debug1: Found key in /Users/JakeGould/.ssh/known_hosts:43
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/JakeGould/.ssh/id_rsa
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Trying private key: /Users/JakeGould/.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
Password:
如您所见,它会弹出密码提示。但在此之前,它显然是在检查我的 RSA 公钥。而且由于我没有,它只是滚动到下一个身份验证方法。注意ssh -v当你在你的集合上运行它时的输出,看看哪里会卡住。
还要确保目标计算机上的 SSH 文件具有与以下匹配的权限 & 由尝试访问的帐户拥有,如下例所示:
-rw------- [username] [usergroup] authorized_keys
-rw------- [username] [usergroup] id_rsa
-rw-r--r-- [username] [usergroup] id_rsa.pub
-rw-r--r-- [username] [usergroup] known_hosts
因此,chmod对authorized_keys文件运行此命令:
sudo chmod 600 ~/.ssh/authorized_keys
并运行此命令chmod的id_rsa文件:
sudo chmod 600 ~/.ssh/id_rsa
| 归档时间: |
|
| 查看次数: |
13256 次 |
| 最近记录: |