调试ssh共享密钥

时间:2016-02-12 18:10:12

标签: ssh

我无法远离服务器连接到另一台服务器,无法理解为什么......

Rails.application.routes.draw do
  match "/delayed_job" => DelayedJobWeb, :anchor => false, via: [:get, :post]

  namespace :api, format: false, defaults: {format: :json} do
    .....
    get '*path' => 'base#not_found'
  end

  namespace :admin, format: false, except: [:show] do
    .....
    root 'home#index'
  end

  devise_for :users

  get 'styleguide' => 'styleguide#index'
  get '*path' => 'bootstrap#index'
  root 'bootstrap#index'

end

这对我来说很奇怪,因为我有

romain@wk:~/.ssh$ ssh -vvv romain@192.168.0.39
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 192.168.0.39 [192.168.0.39] port 22.
debug1: Connection established.
debug3: Incorrect RSA1 identifier
debug3: Could not load "/home/romain/.ssh/id_rsa" as a RSA1 public key

是["无法加载" /home/romain/.ssh/id_rsa"作为RSA1公钥"]引用本地服务器或远程服务器上的文件?

修改

服务器日志:

romain@wk: cd /home/romain/.ssh/
romain@wk:~/.ssh$ ls -la
total 28
drwx------ 2 romain romain 4096 Feb 12 18:51 .
drwxr-xr-x 6 romain romain 4096 Feb 12 18:51 ..
-rw-rw-r-- 1 romain romain  400 Feb 11 18:46 authorized_keys
-rw------- 1 romain romain  137 Feb 11 18:46 environment
-rw------- 1 romain romain 1766 Feb 11 18:46 id_rsa
-rw-r--r-- 1 romain romain  400 Feb 11 18:44 id_rsa.pub
-rw-r--r-- 1 romain romain  222 Feb 11 18:44 known_hosts

目录详情:

Feb 12 19:45:17 pl sshd[28579]: debug1: temporarily_use_uid: 1000/1000 (e=0/0)
Feb 12 19:45:17 pl sshd[28579]: debug1: trying public key file /home/romain/.ssh/authorized_keys
Feb 12 19:45:17 pl sshd[28579]: debug1: fd 4 clearing O_NONBLOCK
Feb 12 19:45:17 pl sshd[28579]: Authentication refused: bad ownership or modes for directory /home/romain

romain的id:

romain@pl:/home$ cd /home/
romain@pl:/home$ ls -l
total 8
drwxrwxrwx 21 romain romain 4096 Feb 12 19:42 romain
drwxr-xr-x  7 root   root   4096 Feb 10 18:32 users

日志背景:

romain@pl:/home$ id -u romain
1000

1 个答案:

答案 0 :(得分:0)

消息

bad ownership or modes for directory /home/romain

告诉你这些权限

drwxrwxrwx 21 romain romain 4096 Feb 12 19:42 romain

错了。一段时间之后,您可能已经在主目录中使用了权限。有两种可能的解决方案:

  1. 修复权限:chmod go-w /home/romainauthorized_keys文件的目录链无法由任何其他用户写入)
  2. StrictModes No中使用sshd_config并重新启动服务器。
  3. 这两个选项都可以帮到你,但我推荐第一个。