在 Ubuntu 下使用 ROOT 免密码本地登录时,发现无论怎么配置都不行,百度上大多数帖子都是没有用的,最终参考文档是唯一解决放啊,这里做一个记录。
1. 正常配置 SSH Key
$ ssh-keygen -t dsa -P "" -f ~/.ssh/id_dsa$ cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys$ ssh localhost
2. 权限问题
$ chmod 755 /root$ chmod 700 /root/.ssh$ chmod 600 /root/.ssh/authorized_keys
3. sshd配置文件
SSHD 的配置文件为:/etc/ssh/sshd_config,将下面几行取消注释
# LoggingSyslogFacility AUTHLogLevel INFO# Authentication:PermitRootLogin yesAuthorizedKeysFile .ssh/authorized_keysAuthorizedKeysCommand noneAuthorizedKeysCommandUser nobody
修改完成之后,重新启动下 SSHD:
$ /etc/init.d/ssh restart
4. 查看日志
➜ ~ /usr/sbin/sshd -ddebug1: sshd version OpenSSH_7.6, OpenSSL 1.0.2n 7 Dec 2017debug1: private host key #0: ssh-rsa SHA256:QOsWs/cfLMrh+RWmjGFmWO5PFqiP7FUACurY9MxeG9wdebug1: private host key #1: ecdsa-sha2-nistp256 SHA256:DVgXrBMcaBmDzKXp2L9DmCivZfbcJlE2aQ/aFz+r+fwdebug1: private host key #2: ssh-ed25519 SHA256:XJZLqeBcDy3bntTXgHJmM3tSqsTbn0lfA9vUFRjgLRsdebug1: rexec_argv[0]='/usr/sbin/sshd'debug1: rexec_argv[1]='-d'debug1: Set /proc/self/oom_score_adj from -998 to -1000debug1: Bind to port 22 on 0.0.0.0.Bind to port 22 on 0.0.0.0 failed: Address already in use.debug1: Bind to port 22 on ::.Bind to port 22 on :: failed: Address already in use.Cannot bind any address.
主要是看下面这行代码运行的日志,来看到底为啥 ROOT 登录不上:
➜ ssh -v localhost
原来是生成的文件存储位置不对,文件命名也不对。删除 /root/.ssh 文件夹里面的文件,重新生成 rsa 密钥,再配置authorized_keys 就成功了
5. 参考文档
若有收获,就点个赞吧
0 人点赞
