centos普通使用者ssh-keygen後仍需重複輸入密碼問題
阿新 • • 發佈:2018-12-05
用root使用者建立ssh 的時候沒有問題,在用普通使用者登入後,建立了ssh免密登入後,需要反覆輸入密碼。查詢原因後,發現許可權不夠。
[[email protected] .ssh]$ ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa
Generating public/private rsa key pair.
Your identification has been saved in /home/hadoop/.ssh/id_rsa.
Your public key has been saved in /home/hadoop/.ssh/id_rsa.pub.
The key fingerprint is:
8c:8a:46:f7:ea:77:17:d0:90:2e:07:06:b1:72:49:a8 [email protected]
The key's randomart image is:
+--[ RSA 2048]----+
| .+o . |
| .. oo o |
| .. +. o o |
|E o .o+ . |
| . . .oS. |
| . o o . |
| o . . . |
| . .. . . |
| .o. . . |
+-----------------+
[[email protected] .ssh]$ ls -al
total 16
drwx------. 2 hadoop hadoop 4096 Jul 2 18:16 .
drwx------. 30 hadoop hadoop 4096 Jul 2 17:27 ..
-rw-------. 1 hadoop hadoop 1675 Jul 2 18:16 id_rsa
-rw-r--r--. 1 hadoop hadoop 395 Jul 2 18:16 id_rsa.pub
[ [email protected] .ssh]$ cat id_rsa.pub >>authorized_keys
[[email protected] .ssh]$ ls
authorized_keys id_rsa id_rsa.pub
[[email protected] .ssh]$ ssh localhost
The authenticity of host 'localhost (::1)' can't be established.
RSA key fingerprint is 2c:8f:be:94:ec:c5:fe:a8:f3:71:0a:33:76:b3:d2:74.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (RSA) to the list of known hosts.
[email protected]'s password:
Last login: Mon Jul 2 18:07:18 2018 from localhost
[[email protected] ~]$ ssh localhost
[email protected]'s password:
Last login: Mon Jul 2 18:11:06 2018 from localhost
還是存在反覆登入的情況。
解決方法:給.ssh資料夾賦予700的許可權,生成金鑰對後,給authorized_keys賦予644許可權。再次測試就成功了
[[email protected] ~]$ cd .ssh
[[email protected] .ssh]$ ls
authorized_keys id_rsa id_rsa.pub known_hosts
[[email protected] .ssh]$ rm -rf authorized_keys
[[email protected] .ssh]$ rm -rf id_rsa
[[email protected] .ssh]$ rm -rf id_rsa.pub
[[email protected] .ssh]$ rm -rf known_hosts
[[email protected] .ssh]$ cd ..
[[email protected] ~]$ sudo chmod 700 .ssh
[sudo] password for hadoop:
[[email protected] ~]$ cd .ssh
[[email protected] .ssh]$ ls
[[email protected] .ssh]$ ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa
Generating public/private rsa key pair.
Your identification has been saved in /home/hadoop/.ssh/id_rsa.
Your public key has been saved in /home/hadoop/.ssh/id_rsa.pub.
The key fingerprint is:
8c:8a:46:f7:ea:77:17:d0:90:2e:07:06:b1:72:49:a8 [email protected]
The key's randomart image is:
+--[ RSA 2048]----+
| .+o . |
| .. oo o |
| .. +. o o |
|E o .o+ . |
| . . .oS. |
| . o o . |
| o . . . |
| . .. . . |
| .o. . . |
+-----------------+
[[email protected] .ssh]$ ls -al
total 16
drwx------. 2 hadoop hadoop 4096 Jul 2 18:16 .
drwx------. 30 hadoop hadoop 4096 Jul 2 17:27 ..
-rw-------. 1 hadoop hadoop 1675 Jul 2 18:16 id_rsa
-rw-r--r--. 1 hadoop hadoop 395 Jul 2 18:16 id_rsa.pub
[[email protected] .ssh]$ cat id_rsa.pub >>authorized_keys
[[email protected] .ssh]$ ls
authorized_keys id_rsa id_rsa.pub
[[email protected] .ssh]$ sudo chmod 644 authorized_keys
[[email protected] .ssh]$ ssh localhost
The authenticity of host 'localhost (::1)' can't be established.
RSA key fingerprint is 2c:8f:be:94:ec:c5:fe:a8:f3:71:0a:33:76:b3:d2:74.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (RSA) to the list of known hosts.
Last login: Mon Jul 2 18:13:05 2018 from master
[[email protected] ~]$ ssh localhost
Last login: Mon Jul 2 18:17:53 2018 from localhost
[[email protected] ~]$ ssh localhost
Last login: Mon Jul 2 18:18:01 2018 from localhost
[[email protected] ~]$