我全新安装了CentOS 6.5,我将其用作小型团队的开发服务器。我们有一个中央裸Git存储库,我们将通过ssh连接到它。
我设置了一个名为git的用户和一个名为test的用户。 test的公共密钥已附加到git的{{1}}文件中。据我所知,权限都是正确的:
authorized_keysssh目录本身:
[test@hackdashit ~]$ ls -aZ ~/.ssh/
drwx------. test developers unconfined_u:object_r:ssh_home_t:s0 .
drwx-----x. test developers unconfined_u:object_r:user_home_dir_t:s0 ..
-rw-------. test developers unconfined_u:object_r:ssh_home_t:s0 authorized_keys
-rw-------. test developers unconfined_u:object_r:ssh_home_t:s0 config
-rw-------. test developers unconfined_u:object_r:ssh_home_t:s0 id_rsa
-rw-------. test developers unconfined_u:object_r:ssh_home_t:s0 id_rsa.pub
使用私钥从远程计算机连接时,它连接时没有密码。但是当我尝试在本地连接时,我看到了这一点:
[test@hackdashit ~]$ ls -aZ ~
drwx------. test developers unconfined_u:object_r:ssh_home_t:s0 .ssh
注意:我更改了上面的RSA密钥指纹
这些是我的[test@hackdashit ~]$ ssh -v hackdashit
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /home/test/.ssh/config
debug1: Applying options for hackdashit
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to localhost [::1] port 22.
debug1: Connection established.
debug1: identity file /home/test/.ssh/id_rsa type 1
debug1: identity file /home/test/.ssh/id_rsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
The authenticity of host 'localhost (::1)' can't be established.
RSA key fingerprint is 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00.
Are you sure you want to continue connecting (yes/no)?
文件的内容:
~/.ssh/config当我尝试运行Git时会发生同样的事情:
Host hackdashit
Hostname localhost
User git
IdentityFile ~/.ssh/id_rsa
任何人都可以告诉我我在哪里出错,将{s}帐号连接到{{1}帐户的[test@hackdashit ~]$ git clone ssh://hackdashit/repos/test.git
Initialized empty Git repository in /home/test/test/.git/
The authenticity of host 'localhost (::1)' can't be established.
RSA key fingerprint is c3:9f:65:f0:04:39:93:82:7e:1d:57:9b:16:2f:76:59.
Are you sure you want to continue connecting (yes/no)?
帐户连接,以便我可以在本地或通过ssh远程使用Git ?
注意:我还在此问题上阅读了this和this的问题,但我认为它们与我的权限无关(包括SELinux)似乎是正确的。
更新
我停止test然后运行git并尝试连接sshd并移除sudo /usr/sbin/sshd -d文件,并获得以下输出:
ssh test@localhost答案 0 :(得分:2)
有关详细信息,请尝试:
ssh -Tvvv hackdashit
另外:
sudo sshd stop
sudo ssh -Dd
这样,您将从ssh守护程序(sshd)的角度看到它收到的内容以及完成查询所缺少的内容(如this answer中所示)。
您还可以查看是否更进一步:
ssh -o StrictHostKeyChecking=no hackdashit
请注意,用于git的网址是:
git clone hackdashit:/repos/test.git
OP LeonardChallis确认in the comments:
StrictHostKeyChecking=no向我发送了正确的路线 我跑了
ssh-keyscan -t rsa localhost > /etc/ssh/ssh_known_hosts
它神奇地工作:)