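Connection closed when using public key

Time: 2015-11-30 10:36:43

Tags: linux ssh public-key

I ran into some public-key problems with SSH.

I want to connect client A to server B over SSH without using a passphrase. I have 2 users on each machine: root and mysql.

The public-key connection from A to B as root works. Now I want to do the same for the user mysql, but it doesn't work.

I created a key on A with this command: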

ssh-keygen -t rsa

Then I copied the key from ~/.ssh/id_rsa.pub (machine A, user mysql) and pasted it into ~/.ssh/authorized_keys (machine B, user mysql).

When I try to connect to machine B over ssh from machine A as user mysql, like this:

ssh machineB

I get the following problem:

Connection closed by [IP address of machine B]

I ran ssh -vvv machineB and got:

debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug3: start over, passed a different list publickey,gssapi-with-mic,password
debug3: preferred gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup gssapi-with-mic
debug3: remaining preferred: publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi-with-mic
debug1: Next authentication method: gssapi-with-mic
debug3: Trying to reverse map address xx.xxx.xxx.xxx
debug1: Unspecified GSS failure. Minor code may provide more information
Unknown code krb5 195

debug1: Unspecified GSS failure. Minor code may provide more information Unknown code krb5 195

debug1: Unspecified GSS failure. Minor code may provide more information Unknown code krb5 195

debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/mysql/.ssh/identity
debug3: no such identity: /home/mysql/.ssh/identity
debug1: Offering public key: /home/mysql/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
Connection closed by machineB IP addr

Permissions on machine A:

drwx------  2 mysql mysql  4096 Nov 30 11:31 .
drwxr-xr-x 79 mysql mysql 28672 Nov 30 14:08 ..
-rw-------  1 mysql mysql   407 Oct  9  2009 authorized_keys
-rw-------  1 mysql mysql   668 Nov 24 16:18 id_dsa
-rw-r--r--  1 mysql mysql   608 Nov 24 16:18 id_dsa.pub
-rw-------  1 mysql mysql  1675 Nov 30 10:08 id_rsa
-rwx------  1 mysql mysql  1675 May 25  2010 id_rsa.archive
-rw-r--r--  1 mysql mysql   400 Nov 30 10:08 id_rsa.pub
-rwxrwxr-x  1 mysql mysql   400 May 25  2010 id_rsa.pub.archive
-rwxrwxr-x  1 mysql mysql  8068 Nov  6 09:20 known_hosts

Permissions on machine B:

drwx------  2 mysql mysql  4096 Nov 30 11:47 .
drwxr-xr-x 25 mysql apache 4096 Nov 30 12:13 ..
-rw-------  1 mysql mysql  1424 Nov 30 10:10 authorized_keys
-rw-r--r--  1 mysql mysql  3128 Jun  1  2011 known_hosts

1 answer:

Answer 0 (score: 0)

I had the same problem. Interestingly, I was able to log in with ssh <username>@<hostname> -p <port>. As Clempat suggested, I looked in /var/log/auth.log and found the following log entry:

Sep 20 10:31:45 vbndx-VirtualBox sshd[3559]: Invalid user vega.bondx from 10.0.2.2 port 52637

It seems my ssh config file was set up with, for example, the global option

   Host *
   User vega.bondx

before

   Host virt
   User vegabondx 

From this, I realized that the order matters, and that the Host * options should be at the end.
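
Added example (not part of the original answer): a small Python resolver that mimics the ssh_config rule that the first value obtained for a keyword wins, run over constructed copies of the two orderings above. The function names are hypothetical, every keyword is treated as single-valued, and Match and Include are not handled.

```python
import fnmatch
import re

# Constructed sample configs reproducing the two orderings from the answer.
WILDCARD_FIRST = """\
Host *
   User vega.bondx

Host virt
   User vegabondx
"""
WILDCARD_LAST = """\
Host virt
   User vegabondx

Host *
   User vega.bondx
"""

def host_matches(host, patterns):
    """A Host line matches if a positive pattern matches and no '!' pattern does."""
    hit = any(fnmatch.fnmatchcase(host, p) for p in patterns if not p.startswith("!"))
    vetoed = any(fnmatch.fnmatchcase(host, p[1:]) for p in patterns if p.startswith("!"))
    return hit and not vetoed

def resolve(config_text, host):
    """Return (effective, shadowed): the first value obtained for each keyword
    wins; later values from matching blocks are recorded as shadowed."""
    effective, shadowed = {}, []
    active = True  # options before the first Host line apply to every host
    for raw in config_text.splitlines():
        line = raw.strip()
        m = re.match(r"(\S+?)(?:\s*=\s*|\s+)(.+)", line)
        if not m or line.startswith("#"):
            continue
        key, value = m.group(1).lower(), m.group(2).strip()
        if key == "host":
            active = host_matches(host, value.split())
        elif not active:
            continue
        elif key in effective:
            shadowed.append((key, value, effective[key]))  # (keyword, ignored, winner)
        else:
            effective[key] = value
    return effective, shadowed

if __name__ == "__main__":
    for name, text in (("wildcard first", WILDCARD_FIRST), ("wildcard last", WILDCARD_LAST)):
        print(name, resolve(text, "virt"))
```

On a real client, `ssh -G <hostname>` prints the options OpenSSH actually resolves for a host, which is the authoritative check for which User value is sent.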