系統為(rhel6.7)
如果在configure openssh時,如果有參數 –with-pam,會提示:
PAM is enabled. You may need to install a PAM control file for sshd, otherwise password authentication may fail. Example PAM control files can be found in the contrib/subdirectory
就是如果啟用PAM,需要有一個控制文件,按照提示的路徑找到redhat/sshd.pam,並復制到/etc/pam.d/sshd,在/etc/ssh/sshd_config中打開UsePAM yes。發現連接服務器被拒絕,關掉就可以登錄。
直接修改/etc/pam.d/sshd
#%PAM-1.0 auth required pam_sepermit.so auth include password-auth account required pam_nologin.so account include password-auth password include password-auth # pam_selinux.so close should be the first session rule session required pam_selinux.so close session required pam_loginuid.so # pam_selinux.so open should only be followed by sessions to be executed in the user context session required pam_selinux.so open env_params session optional pam_keyinit.so force revoke session include password-auth
重啟sshd,搞定!