SSH免密码登陆遇到的问题及解决
1. ssh配置方式 (注意更换加密方式)
参考:https://zhuanlan.zhihu.com/p/514903590
2. ssh免密登录配置无效
- 原因1: 配置问题,权限问题
- 配置问题:https://jingyan.baidu.com/article/454316ab3176d8f7a7c03ab9.html
- 权限问题:https://blog.csdn.net/wu_cai/article/details/76422757
- 查看日志找错:https://thutmose.blog.csdn.net/article/details/87916317;https://blog.csdn.net/donaldsy/article/details/100142401; https://blog.csdn.net/lisongjia123/article/details/78513244
- 原因2-可能是忘记重启ssh 服务了
- 重启ssh服务的命令(三选一)
service sshd restart systemctl restart sshd.service /etc/init.d/ssh restart
- 如果重启服务有以下提示,请在重启ssh服务的命令前加上sudo
- 提示:
==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units === Authentication is required to restart 'ssh.service'. Authenticating as: ubuntu Password: ==== AUTHENTICATION COMPLETE ===
- 更改后的命令(三选一):
sudo service sshd restart sudo systemctl restart sshd.service sudo /etc/init.d/ssh restart
- 重启ssh服务的命令(三选一)
- 原因3-使用的加密方式不对,使用
DSA或 RSA算法(我就是这个原因!!!)- 我刚开始使用的是:
% ssh免密登录配置无效,无法免密进去 % 生成公钥私钥 ssh-keygen -t dsa -C "[email protected]"
- 后面修改的:
%成功免密进去 % 生成公钥私钥 ssh-keygen -t rsa -C "[email protected]"
- 我刚开始使用的是:
3. ssh [email protected] 登陆报错
- 提示
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ED25519 key sent by the remote host is
SHA256:tsPQJ11tH8RR2Ok4fvYNVUaKBPBk2W+yniH4cyevcoI.
Please contact your system administrator.
Add correct host key in /home/fl/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/fl/.ssh/known_hosts:16
remove with:
ssh-keygen -f "/home/fl/.ssh/known_hosts" -R "1.118.229.195"
Host key for 1.118.229.195 has changed and you have requested strict checking.
Host key verification failed.
- 解决办法:
ssh-keygen -f "/home/fl/.ssh/known_hosts" -R "1.118.229.195"
---------------------分隔符---------------------
- 提示
The authenticity of host '1.117.229.195 (1.117.229.195)' can't be established.
ED25519 key fingerprint is SHA256:tGcqk10ZrrUIdFxv6Ql0TuTUVPzYAWkIXmoduYOtLJs.
+--[ED25519 256]--+
| .++B++o.|
| ..o+X.+...|
| . ++=.O oo|
| . o.+ X .. o|
| . S O + |
| = @ . |
| + O . |
| E |
| |
+----[SHA256]-----+
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '1.117.229.195' (ED25519) to the list of known hosts.
[email protected]: Permission denied (publickey).
or
Host key fingerprint is SHA256:tGcqk10ZrrUIdFxv6Ql0TuTUVPzYAWkIXmoduYOtLJs
+--[ED25519 256]--+
| .++B++o.|
| ..o+X.+...|
| . ++=.O oo|
| . o.+ X .. o|
| . S O + |
| = @ . |
| + O . |
| E |
| |
+----[SHA256]-----+
[email protected]: Permission denied (publickey).
- 解决办法:
重置服务器的密码
登陆服务器
然后重新放公钥到服务器的文件authorized_keys中
4. 其他关于ssh
- .ssh 中文件的作用解释
- known_hosts :https://zhuanlan.zhihu.com/p/575939310
- 检查是否安装了ssh,ssh服务的启动和停止;配置文件的修改方式