在 Ubuntu 下使用 ROOT 免密码本地登录时,发现无论怎么配置都不行,百度上大多数帖子都是没有用的,最终参考文档是唯一解决放啊,这里做一个记录。
1. 正常配置 SSH Key
$ ssh-keygen -t dsa -P "" -f ~/.ssh/id_dsa
$ cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys
$ ssh localhost
2. 权限问题
$ chmod 755 /root
$ chmod 700 /root/.ssh
$ chmod 600 /root/.ssh/authorized_keys
3. sshd配置文件
SSHD 的配置文件为:/etc/ssh/sshd_config,将下面几行取消注释
# Logging
SyslogFacility AUTH
LogLevel INFO
# Authentication:
PermitRootLogin yes
AuthorizedKeysFile .ssh/authorized_keys
AuthorizedKeysCommand none
AuthorizedKeysCommandUser nobody
修改完成之后,重新启动下 SSHD:
$ /etc/init.d/ssh restart
4. 查看日志
➜ ~ /usr/sbin/sshd -d
debug1: sshd version OpenSSH_7.6, OpenSSL 1.0.2n 7 Dec 2017
debug1: private host key #0: ssh-rsa SHA256:QOsWs/cfLMrh+RWmjGFmWO5PFqiP7FUACurY9MxeG9w
debug1: private host key #1: ecdsa-sha2-nistp256 SHA256:DVgXrBMcaBmDzKXp2L9DmCivZfbcJlE2aQ/aFz+r+fw
debug1: private host key #2: ssh-ed25519 SHA256:XJZLqeBcDy3bntTXgHJmM3tSqsTbn0lfA9vUFRjgLRs
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-d'
debug1: Set /proc/self/oom_score_adj from -998 to -1000
debug1: Bind to port 22 on 0.0.0.0.
Bind to port 22 on 0.0.0.0 failed: Address already in use.
debug1: Bind to port 22 on ::.
Bind to port 22 on :: failed: Address already in use.
Cannot bind any address.
主要是看下面这行代码运行的日志,来看到底为啥 ROOT 登录不上:
➜ ssh -v localhost
原来是生成的文件存储位置不对,文件命名也不对。删除 /root/.ssh
文件夹里面的文件,重新生成 rsa
密钥,再配置authorized_keys
就成功了