ssh免密码登录配置不起作用

现象：ssh免密登陆公钥配置正常，但无法免密登陆

[root@big ~]# ssh root@192.168.72.16
root@192.168.72.16's password: 

解决思路：

1./etc/ssh/sshd_config 是否开启免密

[root@charge ~]# vim /etc/ssh/sshd_config 
#RSAAuthentication yes
#PubkeyAuthentication yes
AuthorizedKeysFile      .ssh/authorized_keys

2./root/.ssh目录及其文件权限

[root@charge ~]# getfacl /root/.ssh
getfacl: Removing leading '/' from absolute path names
# file: root/.ssh
# owner: root
# group: root
user::rwx
group::---
other::---

You have new mail in /var/spool/mail/root
[root@charge ~]# 
[root@charge .ssh]# ll
total 4
-rw-------. 1 root root 396 Jul 27 12:27 authorized_keys
-rw-r--r--. 1 root root   0 Jul 27 12:13 known_hosts
[root@charge .ssh]# 

3. CentOS的selinux是否开启

  查看selinux状态

[root@charge ~]#  getenforce
Enforcing
You have new mail in /var/spool/mail/root

 临时关闭

[root@charge ~]# setenforce 0
[root@charge .ssh]# getenforce
Permissive
You have new mail in /var/spool/mail/root
[root@charge .ssh]# 

  永久关闭

[root@charge ~]# vim /etc/selinux/config

..
SELINUX=disabled

4.解决：

我遇到的是selinux开启导致ssh免密无法登陆，关闭selinux后，免密登陆成功

[root@big ~]# ssh root@192.168.72.16
Last login: Fri Jul 27 12:41:22 2018 from 172.16.18.19
[root@charge ~]# 

 

参考：

https://www.cnblogs.com/bamanzi/p/ssh-login-without-password.html