SSH免密码登陆遇到的问题及解决

SSH免密码登陆遇到的问题及解决

1. ssh配置方式 (注意更换加密方式)

参考：https://zhuanlan.zhihu.com/p/514903590

2. ssh免密登录配置无效

• 原因1: 配置问题，权限问题
  • 配置问题：https://jingyan.baidu.com/article/454316ab3176d8f7a7c03ab9.html
  • 权限问题：https://blog.csdn.net/wu_cai/article/details/76422757
  • 查看日志找错：https://thutmose.blog.csdn.net/article/details/87916317；https://blog.csdn.net/donaldsy/article/details/100142401； https://blog.csdn.net/lisongjia123/article/details/78513244
• 原因2-可能是忘记重启ssh 服务了
  • 重启ssh服务的命令（三选一）

    service sshd restart
    systemctl restart sshd.service
    /etc/init.d/ssh restart
    

  • 如果重启服务有以下提示，请在重启ssh服务的命令前加上sudo
    • 提示：

    ==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units ===
    Authentication is required to restart 'ssh.service'.
    Authenticating as: ubuntu
    Password: 
    ==== AUTHENTICATION COMPLETE ===
    

    • 更改后的命令（三选一）：

    sudo service sshd restart
    sudo systemctl restart sshd.service
    sudo /etc/init.d/ssh restart
    

• 原因3-使用的加密方式不对，使用 DSA或 RSA算法（我就是这个原因！！！）
  • 我刚开始使用的是：

    % ssh免密登录配置无效，无法免密进去
    % 生成公钥私钥
    ssh-keygen -t dsa -C "[email protected]"
    

  • 后面修改的：

    %成功免密进去
    % 生成公钥私钥
    ssh-keygen -t rsa -C "[email protected]"
    

3. ssh [email protected] 登陆报错

• 提示

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ED25519 key sent by the remote host is
SHA256:tsPQJ11tH8RR2Ok4fvYNVUaKBPBk2W+yniH4cyevcoI.
Please contact your system administrator.
Add correct host key in /home/fl/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/fl/.ssh/known_hosts:16
  remove with:
  ssh-keygen -f "/home/fl/.ssh/known_hosts" -R "1.118.229.195"
Host key for 1.118.229.195 has changed and you have requested strict checking.
Host key verification failed.

• 解决办法：

ssh-keygen -f "/home/fl/.ssh/known_hosts" -R "1.118.229.195"

---------------------分隔符---------------------

• 提示

The authenticity of host '1.117.229.195 (1.117.229.195)' can't be established.
ED25519 key fingerprint is SHA256:tGcqk10ZrrUIdFxv6Ql0TuTUVPzYAWkIXmoduYOtLJs.
+--[ED25519 256]--+
|         .++B++o.|
|       ..o+X.+...|
|      . ++=.O  oo|
|     . o.+ X .. o|
|      . S O +    |
|       = @ .     |
|      + O .      |
|       E         |
|                 |
+----[SHA256]-----+
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '1.117.229.195' (ED25519) to the list of known hosts.
[email protected]: Permission denied (publickey).

or

Host key fingerprint is SHA256:tGcqk10ZrrUIdFxv6Ql0TuTUVPzYAWkIXmoduYOtLJs
+--[ED25519 256]--+
|         .++B++o.|
|       ..o+X.+...|
|      . ++=.O  oo|
|     . o.+ X .. o|
|      . S O +    |
|       = @ .     |
|      + O .      |
|       E         |
|                 |
+----[SHA256]-----+
[email protected]: Permission denied (publickey).

• 解决办法：

重置服务器的密码
登陆服务器
然后重新放公钥到服务器的文件authorized_keys中

4. 其他关于ssh

• .ssh 中文件的作用解释
  • known_hosts ：https://zhuanlan.zhihu.com/p/575939310
• 检查是否安装了ssh，ssh服务的启动和停止；配置文件的修改方式
  • https://www.php.cn/linux-451456.html