Linux 虚拟机进行多级操作无法使用问题?

问答 潘红旭 ⋅ 于 2020-10-07 15:22:38 ⋅ 最后回复由 潘红旭 2020-10-07 15:37:14 ⋅ 284 阅读

file
已经配置过免密, 切换用户是不需要密码的, 多级操作输入完命令,让我输入密码,每次都会弹出Permission denied, please try again.,第三次是Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
no,输入三次之后,命令也无法执行。 网上查原因说是权限问题,但是我的config文件配置是对的 ,求各路大神解答疑惑。

成为第一个点赞的人吧 :bowtie:
回复数量: 3
  • 潘红旭
    2020-10-07 15:24:59

    [root@nn1 ~]# vim /etc/ssh/sshd_config

    Ciphers and keying RekeyLimit default none Logging SyslogFacility AUTH Authentication: LoginGraceTime 2m

    PermitRootLogin yes

    StrictModes yes MaxAuthTries 6 MaxSessions 10 PubkeyAuthentication yes

    AuthorizedKeysFile .ssh/authorized_keys

    AuthorizedPrincipalsFile none AuthorizedKeysCommand none AuthorizedKeysCommandUser nobody HostbasedAuthentication no Change to yes if you don't trust ~/.ssh/known_hosts for HostbasedAuthentication IgnoreUserKnownHosts no Don't read the user's ~/.rhosts and ~/.shosts files IgnoreRhosts yes To disable tunneled clear text passwords, change to no here! PasswordAuthentication yes PermitEmptyPasswords no

    PasswordAuthentication yes

    Change to no to disable s/key passwords ChallengeResponseAuthentication yes

    ChallengeResponseAuthentication no

    KerberosAuthentication no KerberosOrLocalPasswd yes KerberosTicketCleanup yes KerberosGetAFSToken no KerberosUseKuserok yes GSSAPI options

    GSSAPIAuthentication yes
    GSSAPICleanupCredentials no

    GSSAPIStrictAcceptorCheck yes GSSAPIKeyExchange no GSSAPIEnablek5users no Set this to 'yes' to enable PAM authentication, account processing, and session processing. If this is enabled, PAM authentication will be allowed through the ChallengeResponseAuthentication and PasswordAuthentication. Depending on your PAM configuration, PAM authentication via ChallengeResponseAuthentication may bypass the setting of "PermitRootLogin without-password". If you just want the PAM account and session checks to run without PAM authentication, then enable this but set PasswordAuthentication and ChallengeResponseAuthentication to 'no'. problems.

    UsePAM yes

    AllowAgentForwarding yes AllowTcpForwarding yes GatewayPorts no

    X11Forwarding yes

    PermitTTY yes PrintMotd yes PrintLastLog yes TCPKeepAlive yes UseLogin no UsePrivilegeSeparation sandbox PermitUserEnvironment no Compression delayed ClientAliveInterval 0 ClientAliveCountMax 3 ShowPatchLevel no UseDNS yes PidFile /var/run/sshd.pid LoginGraceTime 2m

    PermitRootLogin yes

    StrictModes yes MaxAuthTries 6 MaxSessions 10 PubkeyAuthentication yes Authentication: LoginGraceTime 2m

    PermitRootLogin yes

    StrictModes yes MaxAuthTries 6 MaxSessions 10 PubkeyAuthentication yes The default is to check both .ssh/authorized_keys and .ssh/authorize

    d_keys2

    but this is overridden so installations will only check .ssh/authori

    zed_keys
    AuthorizedKeysFile .ssh/authorized_keys

    AuthorizedPrincipalsFile none AuthorizedKeysCommand none AuthorizedKeysCommandUser nobody For this to work you will also need host keys in /etc/ssh/sshknown

    hosts

    HostbasedAuthentication no

    已查找到文件开头,再从结尾继续查找

    LoginGraceTime 2m PermitRootLogin yes StrictModes yes MaxAuthTries 6 MaxSessions 10 PubkeyAuthentication yes The default is to check both .ssh/authorized_keys and .ssh/authorize

    d_keys2

    but this is overridden so installations will only check .ssh/authori

    zed_keys
    AuthorizedKeysFile .ssh/authorized_keys

    AuthorizedPrincipalsFile none AuthorizedKeysCommand none AuthorizedKeysCommandUser nobody For this to work you will also need host keys in /etc/ssh/sshknown

    hosts

    HostbasedAuthentication no Change to yes if you don't trust ~/.ssh/known_hosts for

    这是我的sshd_config配置

  • bbbb 请一句话介绍你自己,大部分情况下会在你的头像和名字旁边显示
    2020-10-07 15:32:07

    脚本权限应该是770

    file

  • 潘红旭
    2020-10-07 15:37:14

    @bbbb 不行呀,还是这个样子

    file

暂无评论~~
  • 请注意单词拼写,以及中英文排版,参考此页
  • 支持 Markdown 格式, **粗体**、~~删除线~~、`单行代码`, 更多语法请见这里 Markdown 语法
  • 支持表情,可用Emoji的自动补全, 在输入的时候只需要 ":" 就可以自动提示了 :metal: :point_right: 表情列表 :star: :sparkles:
  • 上传图片, 支持拖拽和剪切板黏贴上传, 格式限制 - jpg, png, gif,教程
  • 发布框支持本地存储功能,会在内容变更时保存,「提交」按钮点击时清空
Ctrl+Enter