记一次linux秘钥无法登录,所选用户秘钥未在远程主机上注册解决笔记!

阅读:

突然发现测试服务器无法连接登录。ssh密钥登录提示:**所选的用户密钥未在远程主机上注册,请再试一次!**查看公钥cat /root/.ssh/authorized_keys也没发现问题.登录aliyun发送命令/bin/systemctl restart sshd.service 重启sshd服务也没用。

查看sshd状态/bin/systemctl restart sshd.service发现:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2021-09-24 14:53:33 CST; 5min ago
     Docs: man:sshd(8)
           man:sshd_config(5)
 Main PID: 1588 (sshd)
   CGroup: /system.slice/sshd.service
           └─1588 /usr/sbin/sshd -D

Sep 24 14:54:28 iZbp18qq1n1pli2wswopjbZ sshd[2357]: Authentication refused: bad ownership or modes for file /root/.ssh/authorized_keys
Sep 24 14:54:29 iZbp18qq1n1pli2wswopjbZ sshd[2357]: error: Received disconnect from 60.177.119.143 port 14703:0:  [preauth]
Sep 24 14:54:29 iZbp18qq1n1pli2wswopjbZ sshd[2357]: Disconnected from 60.177.119.143 port 14703 [preauth]
Sep 24 14:55:41 iZbp18qq1n1pli2wswopjbZ sshd[3293]: rexec line 143: Deprecated option RSAAuthentication
Sep 24 14:55:42 iZbp18qq1n1pli2wswopjbZ sshd[3293]: reprocess config line 143: Deprecated option RSAAuthentication
Sep 24 14:55:42 iZbp18qq1n1pli2wswopjbZ sshd[3293]: Authentication refused: bad ownership or modes for file /root/.ssh/authorized_keys
Sep 24 14:55:44 iZbp18qq1n1pli2wswopjbZ sshd[3293]: Authentication refused: bad ownership or modes for file /root/.ssh/authorized_keys
Sep 24 14:55:45 iZbp18qq1n1pli2wswopjbZ sshd[3293]: Authentication refused: bad ownership or modes for file /root/.ssh/authorized_keys
Sep 24 14:55:46 iZbp18qq1n1pli2wswopjbZ sshd[3293]: error: Received disconnect from 60.177.119.143 port 13134:0:  [preauth]
Sep 24 14:55:46 iZbp18qq1n1pli2wswopjbZ sshd[3293]: Disconnected from 60.177.119.143 port 13134 [preauth]

查看sshd日志:cat /var/log/secure

1
2
3
4
5
6
Sep 24 14:55:42 iZbp18qq1n1pli2wswopjbZ sshd[3293]: reprocess config line 143: Deprecated option RSAAuthentication
Sep 24 14:55:42 iZbp18qq1n1pli2wswopjbZ sshd[3293]: Authentication refused: bad ownership or modes for file /root/.ssh/authorized_keys
Sep 24 14:55:44 iZbp18qq1n1pli2wswopjbZ sshd[3293]: Authentication refused: bad ownership or modes for file /root/.ssh/authorized_keys
Sep 24 14:55:45 iZbp18qq1n1pli2wswopjbZ sshd[3293]: Authentication refused: bad ownership or modes for file /root/.ssh/authorized_keys
Sep 24 14:55:46 iZbp18qq1n1pli2wswopjbZ sshd[3293]: error: Received disconnect from 60.177.119.143 port 13134:0:  [preauth]
Sep 24 14:55:46 iZbp18qq1n1pli2wswopjbZ sshd[3293]: Disconnected from 60.177.119.143 port 13134 [preauth]

Authentication refused: bad ownership or modes for file /root/.ssh/authorized_keys
sshd为了安全,对属主的目录和文件权限有所要求。如果权限不对,则ssh的免密码登陆不生效。
用户目录权限为 755 或者 700,就是不能是77x
.ssh目录权限一般为755或者700。
rsa_id.pubauthorized_keys权限一般为644
rsa_id权限必须为600

1
2
3
chmod -R 700 /root #更改root目录权限
chmod -R  700 .ssh #进入root目录修改.ssh目录权限
chmod -R 644 authorized_keys #更改authorized_keys 文件权限

宝塔上直接修改目录权限,报错请不要花样作死!

本文链接: https://dragonersli.github.io/2016/06/12/记一次linux秘钥无法登录,所选用户秘钥未在远程主机上注册解决笔记!/
本人声明: 此文只作为自己日后工作学习中遇到类似问题方便快速回忆解决问题的笔记,仅供参考!
版权声明: 知识共享许可协议 本文首发于 すせなの筆記 转载无需联系本人,但要注明来源本站!

谢谢您请我喝咖啡!~

支付宝
微信

扫一扫,分享到微信

微信分享二维码
Hexo Theme Yilia by Litten

导航

tag: