linux – SSH密钥验证不断要求输入密码

我试图通过SSH密钥设置从ServerA(SunOS)到ServerB(一些使用键盘交互式登录的自定义Linux)的访问.作为概念验证,我能够在2台虚拟机之间完成.现在,在我的现实生活场景中它不起作用.

我在ServerA中创建了密钥,将它们复制到ServerB,将chmod’d .ssh文件夹复制到ServerA,B上的700.

这是我得到的日志.

    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: server->client aes128-ctr hmac-md5 none
    debug1: kex: client->server aes128-ctr hmac-md5 none
    debug1: Peer sent proposed langtags, ctos:
    debug1: Peer sent proposed langtags, stoc:
    debug1: We proposed langtags, ctos: en-US
    debug1: We proposed langtags, stoc: en-US
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    debug1: dh_gen_key: priv key bits set: 125/256
    debug1: bits set: 1039/2048
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    debug1: Host 'XXX.XXX.XXX.XXX' is known and matches the RSA host key.
    debug1: Found key in /XXX/.ssh/known_hosts:1
    debug1: bits set: 1061/2048
    debug1: ssh_rsa_verify: signature correct
    debug1: newkeys: mode 1
    debug1: set_newkeys: setting new keys for 'out' mode
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: newkeys: mode 0
    debug1: set_newkeys: setting new keys for 'in' mode
    debug1: SSH2_MSG_NEWKEYS received
    debug1: done: ssh_kex2.
    debug1: send SSH2_MSG_SERVICE_REQUEST
    debug1: got SSH2_MSG_SERVICE_ACCEPT
    debug1: Authentications that can continue: publickey,keyboard-interactive
    debug1: Next authentication method: publickey
    debug1: Trying private key: /XXXX/.ssh/identity
    debug1: Trying public key: /xxx/.ssh/id_rsa
    debug1: Authentications that can continue: publickey,keyboard-interactive
    debug1: Trying private key: /xxx/.ssh/id_dsa
    debug1: Next authentication method: keyboard-interactive
    Password:
    Password:

自从定制的专有Linux以来,ServerB的行动非常有限.

可能会发生什么?

编辑与答案:

问题是我没有在sshd_config中启用这些设置(请参阅接受的答案)并且在将密钥从ServerA粘贴到ServerB时,它会将密钥解释为3个单独的行.

我做的是,如果你不能像我一样使用ssh-copy-id.将您的密钥的第一行粘贴到“ServerB”authorized_keys文件中,不包含最后2个字符,然后键入第1行中缺少的字符和第2行中的第一行,这将阻止在第一行和第二行之间添加“新行”.第二行的关键.重复3d线.

最佳答案
我不认为您的密钥已被正确复制,如果您有ssh-copy-id可用,我建议您使用它.

$ssh-copy-id user@remote_server
Password:

输入密码后,您的SSH密钥将被复制,您应该只需ssh而无需再次提供密码.

还要检查ServerB上的SSH配置并检查一些事项.

$vi /etc/ssh/sshd_config

另一件事是检查这些设置:

RSAAuthentication yes
PubKeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys

AuthorizedKeysFile的值是您需要粘贴公共ssh密钥的位置.

您可以使用以下命令收集SSH-Key信息:ssh-add -L

更新

当ssh-copy-id不存在时,您可以采用旧方法:

$cat ~/.ssh/id_rsa.pub | ssh user@remote_host 'cat >> /home/user/.ssh/authorized_keys'

转载注明原文:linux – SSH密钥验证不断要求输入密码 - 代码日志