Existe outra configuração que impede o usuário de registrar o ssh?

Question

Existe outra configuração que impede o usuário de registrar o ssh?

0

Portanto, tenho dois usuários em um servidor linux remoto: userA , userB e adiciono meu id_rsa.pu local a seus authorized_keys exatamente da mesma maneira, a permissão de arquivo e a propriedade são aceitáveis, mas quando ssh remoteServer , posso fazer o login usando userA , mas não é possível por userB :

aqui está log de ssh -vvv

Boa: ssh -vvv userA@ip

debug2: key: /Users/sato/.ssh/id_rsa (0x7fac52415cc0), explicit
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:****************************************** /Users/sato/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug2: input_userauth_pk_ok: fp SHA256:*******************************************
debug1: Authentication succeeded (publickey).
Authenticated to *************** (*********************).

Ruim: ssh -vvv userB@ip

debug2: key: /Users/sato/.ssh/id_rsa (0x7faf19c186a0), explicit
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:****************************************** /Users/sato/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,keyboard-interactive
debug2: we did not send a packet, disable method
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug1: Authentications that can continue: publickey,keyboard-interactive
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
********************: Permission denied (publickey,keyboard-interactive).

Por que não consigo fazer login pelo usuárioB?

# ls -ld /home/userB
drwxr-xr-x 7 userB userB 4096 2018-03-29 18:29 /home/userB
# ls -ld /home/userB/.ssh/
drwx------ 2 userB userB 4096 2018-03-30 10:45 /home/userB/.ssh/
# ls -l /home/userB/.ssh/
total 16
-rw------- 1 userB userB  805 2018-03-30 10:45 authorized_keys
-rw------- 1 userB userB 1675 2018-02-15 16:15 id_rsa
-rw-r--r-- 1 userB userB  400 2018-02-15 16:15 id_rsa.pub
-rw-r--r-- 1 userB userB 1300 2018-02-15 16:27 known_hosts

# ls -ld /home/userA
drwxr-xr-x 21 userA userA 4096 2018-03-21 16:13 /home/userA
# ls -ld /home/userA/.ssh/
drwx------ 2 userA userA 4096 2018-03-30 10:45 /home/userA/.ssh/
# ls -l /home/userA/.ssh/
total 128
-rw------- 1 userA userA    805 2018-03-30 10:45 authorized_keys
-rw------- 1 userA userA   3243 2018-01-05 17:09 id_rsa
-rw-r--r-- 1 userA userA    747 2018-01-05 17:09 id_rsa.pub
-rw-r--r-- 1 userA userA 104246 2018-03-06 15:09 known_hosts

sshd_config:

HostKey /etc/ssh/ssh_host_key
HostDsaKey /etc/ssh/ssh_host_dsa_key
ServerKeyBits 768
LoginGraceTime 120
KeyRegenerationInterval 3600
PermitRootLogin no
IgnoreRhosts no
StrictModes yes
X11Forwarding yes
X11DisplayOffset 10
PrintMotd yes
KeepAlive yes
SyslogFacility AUTH
LogLevel VERBOSE
RhostsRSAAuthentication no
RSAAuthentication yes
PasswordAuthentication no
PermitEmptyPasswords no

ssh linux

por Sato 30.03.2018 / 02:45

0 respostas

Tags ssh linux

Como escrever script de inicialização para o systemd iptables ACCEPT não funciona como esperado