ssh key login

yehlu
Site Admin
Posts: 3245
Joined: 2004-04-15 17:20:21
Location: CodeCharge Support Engineer

ssh key login

Post by yehlu »

1. genkey

Code:

ssh-keygen -t rsa
2. copy

Code:

scp -pr id_rsa.pub yehlu@ip:/home/yehlu/.ssh/
3. append authorized_keys

Code:

cat id_rsa.pub >> authorized_keys
4.

Code:

chmod 644 authorized_keys

SSH Authentication Refused: Bad Ownership or Modes for Direc

Post by yehlu »

http://www.daveperrett.com/articles/201 ... n-refused/

ey in /Users/dave/.ssh/known_hosts:8
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Trying private key: /Users/dave/.ssh/identity
debug1: Offering public key: /Users/dave/.ssh/id_rsa
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Trying private key: /Users/dave/.ssh/id_dsa
debug1: Next authentication method: password
dave@new-server.com's password:
Tailing /var/log/secure on the target machine is a lot more useful:

> sudo tail -f /var/log/secure
Sep 14 01:26:31 new-server sshd[22107]: Authentication refused: bad ownership or modes for directory /home/dave/.ssh
Sep 14 01:26:46 new-server sshd[22108]: Connection closed by 98.76.54.32
Finally we’re getting somewhere - bad ownership or modes for directory /home/dave/.ssh.

SSH doesn’t like it if your home or ~/.ssh directories have group write permissions. Your home directory should be writable only by you, ~/.ssh should be 700, and authorized_keys should be 600:

Code:

chmod g-w /home/yehlu
chmod 700 /home/yehlu/.ssh
chmod 600 /home/yehlu/.ssh/authorized_keys
You can also get around this by adding StrictModes off to your ssh_config file, but I’d advise against it - fixing permissions is the way to go.

WARNING: UNPROTECTED PRIVATE KEY FILE!

Post by yehlu »

http://wallyjue.blogspot.tw/2008/08/ssh ... -file.html

Solving the "unprotected private key file" problem when connecting over ssh
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0755 for private key file are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.

Just execute this and I solved my problem.

chmod 0600 [private key file]




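The reason for this issue might be the file property. Just changing it to 600 would probably solve this issue. Remember to add sudo if you are not root on your machine.

This is a problem I ran into when connecting over ssh. The cause is that I had been moving the private key and public key around,
so the file properties may have been changed; I'm not sure about that.
Anyway, just change them back:
"chmod 0600 [private key file]"
and that is all it takes.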
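
The permission rules from the two posts above (sshd's StrictModes check on the home directory, ~/.ssh and authorized_keys, and the ssh client's check on the private key) combined into one audit script. This is an added example, not part of the original posts or the linked articles; the function names `strict_ok`, `private_ok` and `audit_ssh_perms` are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original posts. Function names are hypothetical.

# Succeeds if $1 is owned by uid $2 (or root) and is not writable by group
# or others: the condition behind "bad ownership or modes" in /var/log/secure.
strict_ok() {
    info=$(ls -ldn "$1" 2>/dev/null) || return 2      # missing path
    mode=${info%% *}                                   # e.g. drwxrwxr-x
    owner=$(printf '%s\n' "$info" | awk '{print $3}')  # numeric uid (-n)
    [ "$owner" = "$2" ] || [ "$owner" = 0 ] || return 1
    case $mode in
        ?????w*|????????w*) return 1 ;;   # group-write or other-write set
    esac
    return 0
}

# Succeeds if private key $1 grants no permission at all to group or others:
# the condition behind "UNPROTECTED PRIVATE KEY FILE".
private_ok() {
    info=$(ls -ldn "$1" 2>/dev/null) || return 2
    case ${info%% *} in
        ????------*) return 0 ;;
    esac
    return 1
}

# Audit home directory $1 for uid $2, plus optional private key $3.
# Prints one line per finding and returns the number of findings.
audit_ssh_perms() {
    home=$1 uid=$2 key=$3 bad=0
    for p in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        if ! strict_ok "$p" "$uid"; then
            echo "missing, wrong owner, or group/other-writable: $p"
            bad=$((bad + 1))
        fi
    done
    if [ -n "$key" ] && ! private_ok "$key"; then
        echo "private key missing or too open: $key"
        bad=$((bad + 1))
    fi
    return "$bad"
}

# Usage on a real account (the key path is an example):
#   audit_ssh_perms "$HOME" "$(id -u)" "$HOME/.ssh/id_rsa"
```

The `chmod 644 authorized_keys` from the first post passes `strict_ok`, because only group or other write access is rejected; 600 is the tighter setting.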