Ssh
SSH:權限被拒絕(公鑰、gssapi-with-mic、密碼)
====================================================================
更新:原來sshd的配置
host2
不允許密碼登錄。感謝人們回答這個問題。====================================================================
場景:為我的大學項目與一家公司合作。我需要先使用 PuTTy SSH 進入
host1
,然後從那裡 SSH 進入host2
(見下文)。我在 host2 上獲得了使用者名和密碼。我根本沒有訪問 host2 的權限,所以我不知道它的
sshd_config
.這就是我嘗試從 SSH 進入時發生
host2
的情況host1
:ff@host1:~$ ssh -v host2 OpenSSH_5.1p1 Debian-5, OpenSSL 0.9.8g 19 Oct 2007 debug1: Reading configuration data /home/ff/.ssh/config debug1: Applying options for * debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to host2 [192.*.*.*] port 22. debug1: Connection established. debug1: identity file /home/ff/.ssh/identity type -1 debug1: identity file /home/ff/.ssh/id_rsa type -1 debug1: identity file /home/ff/.ssh/id_dsa type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3 debug1: match: OpenSSH_4.3 pat OpenSSH_4* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.1p1 Debian-5 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-cbc hmac-md5 none debug1: kex: client->server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 'sd01' is known and matches the RSA host key. debug1: Found key in /home/ff/.ssh/known_hosts:1 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,gssapi-with-mic,password debug1: Next authentication method: gssapi-with-mic debug1: Unspecified GSS failure. Minor code may provide more information No credentials cache found debug1: Unspecified GSS failure. Minor code may provide more information No credentials cache found debug1: Unspecified GSS failure. Minor code may provide more information debug1: Next authentication method: publickey debug1: Trying private key: /home/ff/.ssh/identity debug1: Trying private key: /home/ff/.ssh/id_rsa debug1: Trying private key: /home/ff/.ssh/id_dsa debug1: Next authentication method: password ff@sd01's password: debug1: Authentications that can continue: publickey,gssapi-with-mic,password Permission denied, please try again. ff@sd01's password: debug1: Authentications that can continue: publickey,gssapi-with-mic,password Permission denied, please try again. ff@sd01's password: debug1: Authentications that can continue: publickey,gssapi-with-mic,password debug1: No more authentication methods to try. Permission denied (publickey,gssapi-with-mic,password).
和我的 /home/ff/.ssh/config :
Host * # ForwardAgent no # ForwardX11 no # ForwardX11Trusted yes # RhostsRSAAuthentication no # RSAAuthentication yes # HostbasedAuthentication no BatchMode no # CheckHostIP yes # AddressFamily any # ConnectTimeout 0 # StrictHostKeyChecking ask # IdentityFile ~/.ssh/identity # IdentityFile ~/.ssh/id_rsa # IdentityFile ~/.ssh/id_dsa # Port 22 # Protocol 2,1 # AuthorizedKeysFile .ssh/authorized_keys # Cipher 3des # Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc # EscapeChar ~ # Tunnel no # TunnelDevice any:any # PermitLocalCommand no SendEnv LANG LC_* HashKnownHosts yes GSSAPIAuthentication yes GSSAPIDelegateCredentials no
我想知道在去公司之前我能做些什麼。
主機不接受您嘗試的使用者名和密碼。這意味著您連接到錯誤的伺服器,或者使用者名或密碼不正確。您應該要求管理員檢查登錄
host2
,這應該會告訴您這三種情況中的哪一種。
第一的
chmod 700 .ssh
進而 :
chmod 600 .ssh/authorized_keys
並測試:
restorecon -r -vv .ssh/authorized_keys