【发布时间】:2017-10-12 10:21:31
【问题描述】:
服务器操作系统:CentOS 6.6
我想为一个名为 otheruser 的非 root 用户进行免密码登录。 我在下面处理的步骤:
我。在服务器中生成公钥和私钥:
[otheruser@localhost ~]# ssh-keygen -t rsa
我接受默认设置,然后将.ssh/id_rsa.pub重命名为authorized_keys
[otheruser@localhost ~/.ssh]# cp id_rsa.pub authorized_keys
[otheruser@localhost ~/.ssh]# ls -al ~
drwx------ 2 otheruser otheruser 4096 May 13 06:50 .ssh
[otheruser@localhost ~/.ssh]# ls -al ~/.ssh
drwx------ 2 otheruser otheruser 4096 May 13 06:50 .
drwxrwxr--. 4 otheruser otheruser 4096 May 9 07:23 ..
-rw------- 1 otheruser otheruser 412 May 13 06:50 authorized_keys
-rw------- 1 otheruser otheruser 1675 May 13 06:48 id_rsa
-rw------- 1 otheruser otheruser 412 May 13 06:48 id_rsa.pub
可以注意到/home/otheruser/.ssh的权限是700,/home/otheruser/.ssh/authorized_keys的权限是600,都属于uesrotheruser和组otheruser。
二。修改 /etc/ssh/sshd_config
添加配置:
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
AllowUsers otheruser
重启sshd服务:
[root@localhost ~]# service sshd restart
Stopping sshd: [ OK ]
Starting sshd: [ OK ]
我将私钥从服务器复制到本地计算机。并尝试 ssh 到服务器:
ssh -i id_rsa otheruse@192.168.1.101
但我收到了Permission denied 提示:
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
/var/log/secure 中的记录是:
May 12 07:07:08 localhost sshd[1230]: Connection closed by 192.168.1.1
May 12 07:07:14 localhost sshd[1231]: Authentication refused: bad ownership or modes for directory /home/otheruser
我不知道我有什么问题。谁能帮我QAQ
【问题讨论】:
-
@sajib-khan 似乎没有遇到我的问题。
-
服务器中的
getenforce结果为Disabled
标签: authentication ssh centos rsa