SSH无需输密码的认证问题

SSH相互认证的问题 （authorized_keys ）

今天公司做容灾测试的2台LINUX服务器的SSH相互认证出现了问题，重建公密钥老是提示输入密码。

最后发现，可能是由于谁修改了/home/dbra3的权限（没修改前是777，我改后为了700）

[dbra3@hzmc .ssh]$  chmod  700  ~/.ssh 
[dbra3@hzmc .ssh]$ /usr/bin/ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/dbra3/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/dbra3/.ssh/id_rsa.
Your public key has been saved in /home/dbra3/.ssh/id_rsa.pub.
The key fingerprint is:
5d:ec:ad:a3:0e:29:4b:2a:f6:67:2e:da:41:09:0e:2c dbra3@hzmc
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|.          .     |
|E..         o    |
|.o . .   . o .   |
|  . o   S . . .  |
|   .     .   .   |
|    . o o   o    |
|  o..+oo . . .   |
| ..++=o  .o      |
+-----------------+
[dbra3@hzmc .ssh]$ touch ~/.ssh/authorized_keys
[dbra3@hzmc .ssh]$ ssh 172.16.4.28
The authenticity of host '172.16.4.28 (172.16.4.28)' can't be established.
RSA key fingerprint is 4d:51:34:7e:e8:18:58:b2:0f:f9:14:78:7d:da:3e:fb.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.16.4.28' (RSA) to the list of known hosts.
dbra3@172.16.4.28's password:



[dbra3@hzmc ~]$ su - root
Password:
[root@hzmc ~]# cd /home
[root@hzmc home]# ls -l
drwxrwxrwx  5 dbra3  dbra3     4096 Dec 30  2009 dbra3
drwxrwxrwx  2 root   root     16384 Sep 22  2009 lost+found
drwxrwxrwx 14 ora10g oinstall  4096 Dec 29  2009 ora10g
drwxrwxrwx 18 oracle oinstall  4096 Dec 16  2009 oracle
[root@hzmc home]# chmod 700 dbra3
[root@hzmc home]#su - dbra3
[dbra3@hzmc]$cd .ssh
[dbra3@hzmc .ssh]$ chmod 644 ~/.ssh/authorized_keys

就这样，ssh相互认证就可以了