这里写自定义目录标题
远程登陆主机每次输入密码是一个繁琐的事情,但我们可以通过将公钥放到远程主机上进行授权实现无密码登陆。
ssh使用密钥认证
然而有时候出现这种情况,我们已经合理地配置好了,但登陆时仍然需要密码。这主要是远程主机的目录或文件权限上出现了问题,Linux防止篡改,当ssh相关目录或文件允许除本人以外的人有写入权限时,就必须使用密码。
我今天就出了这个幺蛾子,百度和谷歌了一大推,但是没有解决问题。中文博文主要讨论2个关键点,~/.ssh目录只允许自己可写入,以及authorized_keys文件也只允许自己可写入。
SSH无密钥登陆 与 配置公钥后仍需要输入密码的解决方案
stackexange上的一个回答让我第一时间发现问题所在:
Your home directory ~, your ~/.ssh directory and the ~/.ssh/authorized_keys file on the remote machine must be writable only by you: rwx------ and rwxr-xr-x are fine, but rwxrwx— is no good¹, even if you are the only user in your group (if you prefer numeric modes: 700 or 755, not 775).
If ~/.ssh or authorized_keys is a symbolic link, the canonical path (with symbolic links expanded) is checked.
Your ~/.ssh/authorized_keys file (on the remote machine) must be readable (at least 400), but you’ll need it to be also writable (600) if you will add any more keys to it.
Your private key file (on the local machine) must be readable and writable only by you: rw-------, i.e. 600.
链接:https://unix.stackexchange.com/questions/36540/why-am-i-still-getting-a-password-prompt-with-ssh-with-public-key-authentication
我的家目录给了同组的人写权限,就是该问题导致ssh认证失败!
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
