Shell实现自动登录ssh

shell下实现自动登录ssh的方法

先用ssh-keygen生成密钥和公钥，然后把公钥copy到对方节点去...,具体参考下面的步骤。

[@more@]

ssh-keygen -t rsa 或 ssh-keygen -d (dsa) => 产生出 id_rsa, id_rsa.pub

scp id_rsa.pub server_hostname:~/.ssh/

ssh server_hostname

cat .ssh/id_rsa.pub >> .ssh/authorized_keys

cat .ssh/id_rsa.pub >> .ssh/authorized_keys2

同时Copy到对方节点。

即可

这样子就可以key认证登入，不需输入密码

然后,今天做我们的生产环境的时候,发现有6台机器全部都通过了ssh自动连接到远程主机,惟独有一台机器不行,在网上查了很久,终于得到了一个最终的答案!下面的是参考文章,我的解决办法也是设置了对应的目录权限就可以了!

--------------------------------------------------------------------

ssh-keygen后，仍提示需要密码

折腾了一个晚上的问题，没解决，网上很多人提问，但没找到正确的解决方法。

今天早上继续，终于解决！

按如下配置：

[oracle@dbrac3 opt]$ mkdir ~/.ssh
[oracle@dbrac3 opt]$ chmod 700 ~/.ssh
[oracle@dbrac3 opt]$ ssh-keygen -t rsa
[oracle@dbrac3 opt]$ ssh-keygen -t dsa
[oracle@dbrac3 opt]$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
[oracle@dbrac3 opt]$ cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys
[oracle@dbrac3 opt]$ ssh dbrac3 date

oracle@dbrac3's password:
Wed Jul 16 02:25:23 CST 2008

同样的步骤，在另外几台机器上都是正常的，无须提示输入密码。很奇怪，而且，是从同一个vm模板上clone出来的机器，为什么有的可以，有的不可以，很头痛，尝试不同的组合都不行。

用ssh的调试模式：

[oracle@dbrac3 .ssh]$ ssh -v dbrac3 date
...
debug1: Unspecified GSS failure. Minor code may provide more information
Unknown code krb5 195

debug1: Unspecified GSS failure. Minor code may provide more information
Unknown code krb5 195

debug1: Unspecified GSS failure. Minor code may provide more information
Unknown code krb5 195

debug1: Next authentication method: publickey
debug1: Trying private key: /opt/oracle/.ssh/identity
debug1: Offering public key: /opt/oracle/.ssh/id_rsa
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Offering public key: /opt/oracle/.ssh/id_dsa
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Next authentication method: password oracle@dbrac3's password:
debug1: Authentication succeeded (password).
...

而在另外一台正常的机器，相关的步骤如下：

[oracle@dbrac1 ~]$ ssh -v dbrac1 date
...
debug1: Unspecified GSS failure. Minor code may provide more information
Unknown code krb5 195

debug1: Unspecified GSS failure. Minor code may provide more information
Unknown code krb5 195

debug1: Unspecified GSS failure. Minor code may provide more information
Unknown code krb5 195

debug1: Next authentication method: publickey
debug1: Trying private key: /opt/oracle/.ssh/identity
debug1: Offering public key: /opt/oracle/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
...

从对比中看不出问题所在。

检查系统的安全日志：

[root@dbrac3 ~]# vi /var/log/secure

Jul 16 02:25:23 dbrac3 sshd[5974]: pam_unix(sshd:session): session opened for user oracle by (uid=0)
Jul 16 02:25:23 dbrac3 sshd[5974]: pam_unix(sshd:session): session closed for user oracle
[root@dbrac3 ~]# tail -f /var/log/secure
Jul 16 02:25:17 dbrac3 sshd[5947]: Authentication refused: bad ownership or modes for directory /opt/oracle
Jul 16 02:25:17 dbrac3 sshd[5947]: Authentication refused: bad ownership or modes for directory /opt/oracle

提示用户home目录有问题，继续检查：

[oracle@dbrac3 opt]$ ll
total 316
drwxrwxr-x 20 oracle dba 4096 Jul 16 02:13 oracle

而正常的机器：

[oracle@dbrac1 opt]$ ll
total 324
drwxr-xr-x 8 oracle dba 4096 Jul 12 07:46 oracle

权限不同，虽然觉得好像没什么相关性，但测试修改看看

[oracle@dbrac3 opt]$
[oracle@dbrac3 opt]$ ll
total 316
drwxr-xr-x 20 oracle dba 4096 Jul 16 02:13 oracle

再次执行：

[oracle@dbrac3 opt]$ ssh dbrac3 date
Wed Jul 16 02:28:53 CST 2008

来自 “ ITPUB博客 ” ，链接：http://blog.itpub.net/21484429/viewspace-1023089/，如需转载，请注明出处，否则将追究法律责任。

转载于:http://blog.itpub.net/21484429/viewspace-1023089/