Linux 相互认证 authorized_keys
来源:互联网 发布:txt编辑软件apk 编辑:程序博客网 时间:2024/04/30 03:07
今天公司做容灾测试的2台LINUX服务器的SSH相互认证出现了问题,重建公密钥老是提示输入密码。
最后发现,可能是由于谁修改了/home/dbra3的权限(没修改前是777,我改后为了700)
[dbra3@hzmc .ssh]$ chmod 700 ~/.ssh
[dbra3@hzmc .ssh]$ /usr/bin/ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/dbra3/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/dbra3/.ssh/id_rsa.
Your public key has been saved in /home/dbra3/.ssh/id_rsa.pub.
The key fingerprint is:
5d:ec:ad:a3:0e:29:4b:2a:f6:67:2e:da:41:09:0e:2c dbra3@hzmc
The key's randomart image is:
+--[ RSA 2048]----+
| |
|. . |
|E.. o |
|.o . . . o . |
| . o S . . . |
| . . . |
| . o o o |
| o..+oo . . . |
| ..++=o .o |
+-----------------+
[dbra3@hzmc .ssh]$ touch ~/.ssh/authorized_keys
[dbra3@hzmc .ssh]$ ssh 172.16.4.28
The authenticity of host '172.16.4.28 (172.16.4.28)' can't be established.
RSA key fingerprint is 4d:51:34:7e:e8:18:58:b2:0f:f9:14:78:7d:da:3e:fb.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.16.4.28' (RSA) to the list of known hosts.
dbra3@172.16.4.28's password:
[dbra3@hzmc ~]$ su - root
Password:
[root@hzmc ~]# cd /home
[root@hzmc home]# ls -l
drwxrwxrwx 5 dbra3 dbra3 4096 Dec 30 2009 dbra3
drwxrwxrwx 2 root root 16384 Sep 22 2009 lost+found
drwxrwxrwx 14 ora10g oinstall 4096 Dec 29 2009 ora10g
drwxrwxrwx 18 oracle oinstall 4096 Dec 16 2009 oracle
[root@hzmc home]# chmod 700 dbra3
[root@hzmc home]#su - dbra3
[dbra3@hzmc]$cd .ssh
[dbra3@hzmc .ssh]$ chmod 644 ~/.ssh/authorized_keys
就这样,ssh相互认证就可以了
最后发现,可能是由于谁修改了/home/dbra3的权限(没修改前是777,我改后为了700)
[dbra3@hzmc .ssh]$ chmod 700 ~/.ssh
[dbra3@hzmc .ssh]$ /usr/bin/ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/dbra3/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/dbra3/.ssh/id_rsa.
Your public key has been saved in /home/dbra3/.ssh/id_rsa.pub.
The key fingerprint is:
5d:ec:ad:a3:0e:29:4b:2a:f6:67:2e:da:41:09:0e:2c dbra3@hzmc
The key's randomart image is:
+--[ RSA 2048]----+
| |
|. . |
|E.. o |
|.o . . . o . |
| . o S . . . |
| . . . |
| . o o o |
| o..+oo . . . |
| ..++=o .o |
+-----------------+
[dbra3@hzmc .ssh]$ touch ~/.ssh/authorized_keys
[dbra3@hzmc .ssh]$ ssh 172.16.4.28
The authenticity of host '172.16.4.28 (172.16.4.28)' can't be established.
RSA key fingerprint is 4d:51:34:7e:e8:18:58:b2:0f:f9:14:78:7d:da:3e:fb.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.16.4.28' (RSA) to the list of known hosts.
dbra3@172.16.4.28's password:
[dbra3@hzmc ~]$ su - root
Password:
[root@hzmc ~]# cd /home
[root@hzmc home]# ls -l
drwxrwxrwx 5 dbra3 dbra3 4096 Dec 30 2009 dbra3
drwxrwxrwx 2 root root 16384 Sep 22 2009 lost+found
drwxrwxrwx 14 ora10g oinstall 4096 Dec 29 2009 ora10g
drwxrwxrwx 18 oracle oinstall 4096 Dec 16 2009 oracle
[root@hzmc home]# chmod 700 dbra3
[root@hzmc home]#su - dbra3
[dbra3@hzmc]$cd .ssh
[dbra3@hzmc .ssh]$ chmod 644 ~/.ssh/authorized_keys
就这样,ssh相互认证就可以了
0 0
- Linux 相互认证 authorized_keys
- SSH相互认证的问题 (authorized_keys )
- ssh-keygen的使用方法及配置authorized_keys两台linux机器相互认证
- ssh-keygen的使用方法及配置authorized_keys两台linux机器相互认证
- ssh-keygen使用及配置authorized_keys两台linux机器相互认证
- linux 配置authorized_keys连接时仍需要密码的解决办法
- linux远程登陆不要密码,使用authorized_keys不生效的解决方法
- 【linux】/home/USR/.ssh目录里什么时候需要添加authorized_keys文件(1)
- Linux认证
- authorized_keys 的权限
- SSH authorized_keys 无效问题
- Linux认证简介
- LINUX认证等级列表
- Linux认证基本知识介绍
- linux ssh密钥认证
- Linux PAM认证
- Linux-PAM认证方式
- Linux-PAM认证方式
- Linux系统打包
- 更改yum源
- [乐意黎转载]CSS滑动下划线
- oracle asm2
- oracle asm
- Linux 相互认证 authorized_keys
- 深入理解 Spring 事务原理
- Linux DNS配置
- 【转载】Oracle 触发器语法及实例
- Hadoop 安装测试
- Oracle command
- JS正则过滤(去除)富文本编辑器中的FONT-SIZE标签
- TimesTen ttendaemon.option
- timesten ttXactAdmin