ssh 免密碼登陸設置不成功


記一次centos6設置免密碼登陸設置不成功的解決。自己挖的坑自己填。

ssh 免密碼登陸設置( 正常情況下是這樣的,設置成功后登陸主機是不需要密碼的)

[root@master .ssh]# ssh-keygen -t rsa
# 執行上面的命令直接敲3-4次回車。
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
aa:75:3d:49:f1:8b:63:80:24:77:1a:ad:e8:11:ae:db root@master
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|       .         |
|    o + o .      |
|   . * *   o     |
|    + + S . .    |
|   o . . + o .   |
|  . . o . B .    |
|   o o . . o     |
|  . E            |
+-----------------+
[root@master .ssh]# ssh-copy-id master 
The authenticity of host 'master (192.168.181.200)' can't be established.
RSA key fingerprint is 04:f2:c1:15:40:e3:dd:25:77:5d:8a:62:c1:9b:3c:dc.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'master,192.168.181.200' (RSA) to the list of known hosts.
root@master's password: 
Now try logging into the machine, with "ssh 'master'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

[root@master .ssh]# ssh master 
Last login: Fri Dec 21 08:45:54 2018 from master

# 當然完整的登陸命令是這樣的。
[root@master ~]# ssh root@master 
Last login: Fri Dec 21 08:46:18 2018 from master


即使按照上面的操作走完了整個流程,最終登陸其他主機的時候還是需要密碼,失敗的原因是之前修改了.ssh文件夾的權限。

最近在搭建ambari平台,出現很多問題,以為是獲取不到登陸主機的權限 ,所以講 .ssh 文件夾的權限修改成了 777 , 最后修改為 700,再執行上面的操作,完美實現免密碼登陸。
最后要說明的是 .ssh 目錄的權限只能是 700 | 755 , 絕對不能是 777.

sshd為了安全,對屬主的目錄和文件權限有所要求。如果權限不對,則ssh的免密碼登陸不生效。
用戶目錄權限為 755 或者 700,就是不能是77x。
.ssh目錄權限一般為755或者700。
rsa_id.pub 及authorized_keys權限一般為644
rsa_id權限必須為600


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM