How to fix SSH remote login failures
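Symptoms:
serverA has already generated an RSA key pair,
and its public key has been added to /root/.ssh/authorized_keys on serverB,
but running ssh root@135.251.208.141 still prompts for a password, i.e. passwordless (public key) authentication fails.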
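Analysis and resolution:
Connecting with ssh -v in debug mode produces the log shown below, but the log does not reveal the cause of the failure; it only shows that the remote side sends no reply during publickey authentication.
A Baidu search at this point turned up an article suggesting a look at the /var/log/secure log.
Checking /var/log/secure on serverB showed the following errors: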
Jan 8 13:31:34 wng-141 sshd[32366]: Authentication refused: bad ownership or modes for directory /root
Jan 8 13:31:34 wng-141 sshd[32367]: Connection closed by 135.251.218.231
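From this log it can be seen that the permissions on the /root directory are wrong. A further Baidu search for "Authentication refused: bad ownership or modes for directory /root"
showed that every user's HOME directory should have 700 permissions, otherwise many problems can follow; this problem has the same cause.
In the end, running chmod 700 root resolved it.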
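An added example (not part of the original article): a shell audit that applies the ownership and mode rule behind sshd's "bad ownership or modes" refusal to the home directory, .ssh and authorized_keys, so the offending path shows up without reading /var/log/secure. The function names check_path and audit_ssh_home are made up for this sketch, GNU stat is assumed, and the rule is simplified to "owned by the user or root, not writable by group or others", which mode 700 satisfies.

```shell
#!/bin/sh
# Added example, not the article's code. Assumes GNU stat (Linux).

# check_path PATH UID
# Returns 0 when PATH is owned by UID or root and is not writable by
# group or others; otherwise prints the reason and returns 1.
check_path() {
    path=$1; want_uid=$2
    if [ ! -e "$path" ]; then
        echo "missing: $path"; return 1
    fi
    owner=$(stat -c %u "$path")   # numeric owner uid
    mode=$(stat -c %a "$path")    # octal mode, e.g. 700
    if [ "$owner" != "$want_uid" ] && [ "$owner" != 0 ]; then
        echo "bad owner (uid $owner): $path"; return 1
    fi
    # 022 = group-write and other-write bits; leading 0 makes $mode octal
    if [ $(( 0$mode & 022 )) -ne 0 ]; then
        echo "group/world writable (mode $mode): $path"; return 1
    fi
    echo "ok (mode $mode): $path"
}

# audit_ssh_home HOME UID
# Checks the three paths involved in public key login for one account.
# Returns nonzero if any of them would fail the rule above.
audit_ssh_home() {
    home=$1; uid=$2; rc=0
    for p in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        check_path "$p" "$uid" || rc=1
    done
    return $rc
}

# Usage on serverB for the root account:
#   audit_ssh_home /root 0
```

Run it as root on the server side (serverB here), since the refusal is decided by sshd there and the client's ssh -v output does not show it.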
[root@wng-231 ~]# /usr/bin/ssh -vvv -i /opt/aware/Central/.sshkey/id_rsa -oConnectTimeout=1 -o StrictHostKeyChecking=no -o PasswordAuthentication=no root@135.251.208.141
OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 135.251.208.141 [135.251.208.141] port 22.