Я хочу подключить SSH из machine1 к machine2 без пароля. machine2 использует Solaris 10. Я генерирую пары ключей на machine1 используя пользователя user1 и передал открытый ключ в machine2 под user2. (не user1).
Затем я скопировал содержимое user1открытый ключ в user2 ssh каталог внутри файла с именем authorized_keys.
Тогда я убеждаюсь, что мой machine2 sshd_config имеет следующее:
IgnoreRhosts no
HostbasedAuthentication yes
PasswordAuthentication no
....
PAMAuthenticationViaKBDInt yes
RSAAuthentication yes
PermitRootLogin no
Но после перезапуска sshd (svcadm restart ssh), Я не могу подключиться к user2 с помощью user1 в machine1. Он всегда запрашивает мой пароль. Я думаю, что демон ssh переходит к PAMAuthenticationViaKBDInt вариант.
Иногда я вижу такие файлы, как known_hosts и identity. поддерживаются ли они в версии SSH для Solaris 10?
Что-нибудь посоветуйте, правильно ли я сделал конфигурацию? Что нужно сделать на machine1's ssh_config файл?
Обновление: мой user1 ssh -vvv вывод:
debug: server offers auth methods 'gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,hostbased'.
debug: Ssh2AuthHostBasedClient/authc-hostbased.c:595/ssh_client_auth_hostbased: Starting hostbased auth...
debug: SshConfig/sshconfig.c:3072/ssh2_parse_config_ext: Metaconfig parsing stopped at line 3.
debug: SshConfig/sshconfig.c:3364/ssh_config_read_file_ext: Read 6 params from config file.
debug: Host key pair is not specified, trying to use default 'hostkey'.
debug: SshHostKeyIO/sshhostkeyio.c:194/ssh_host_key_read_keys: Reading public host key from /etc/ssh2/hostkey .pub
debug: SshHostKeyIO/sshhostkeyio.c:279/ssh_host_key_read_keys: Host key algorithms (from disk): ssh-dss
debug: SshSigChld/sigchld.c:238/ssh_sigchld_register: Registering handler for pid 4410.
debug: Ssh2AuthHostBasedClient/authc-hostbased.c:133/hostbased_init_pubkey: Trying "hostbased" authentication with `ssh-dss' key.
debug: Ssh2AuthHostBasedClient/authc-hostbased.c:805/ssh_client_auth_hostkeys_initialized: Child: Execing ssh -signer...(path: /path/to/ssh2/bin/ssh-signer2)
debug: Ssh2AuthHostBasedClient/authc-hostbased.c:448/auth_hostbased_received_packet: ssh-signer returned SSH_ AUTH_HOSTBASED_SIGNATURE
debug: server offers auth methods 'gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,hostbased'.
debug: Ssh2AuthHostBasedClient/authc-hostbased.c:667/ssh_client_auth_hostbased: Server rejected the signature .
debug: Ssh2AuthClient/sshauthc.c:319/ssh_authc_completion_proc: Method 'hostbased' disabled.
debug: Ssh2AuthHostBasedClient/authc-hostbased.c:110/hostbased_init_pubkey: No more keys to try.
debug: ssh_pipe_stream_destroy
debug: server offers auth methods 'gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,hostbased'.
debug: Ssh2AuthPubKeyClient/authc-pubkey.c:1794/ssh_client_auth_pubkey: Starting pubkey auth...
debug: Ssh2AuthPubKeyClient/authc-pubkey.c:1751/ssh_client_auth_pubkey_agent_open_complete: Agent is not runn ing.
debug: Ssh2AuthPubKeyClient/authc-pubkey.c:1549/ssh_client_auth_pubkey_agent_list_complete: Got 0 keys from t he agent.
debug: SshConfig/sshconfig.c:2979/ssh2_parse_config_ext: Unable to open /users/home/user1/.ssh2/identificatio n
debug: Ssh2AuthPubKeyClient/authc-pubkey.c:1529/ssh_client_auth_pubkey_add_candidates: Trying 0 key candidate s.
debug: Ssh2AuthPubKeyClient/authc-pubkey.c:983/ssh_client_auth_pubkey_try_this_candidate: All keys declined b y server, disabling method.
debug: Ssh2AuthClient/sshauthc.c:319/ssh_authc_completion_proc: Method 'publickey' disabled.
debug: server offers auth methods 'gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,hostbased'.
debug: Ssh2AuthKbdInteractiveClient/authc-kbd-interactive.c:342/ssh_client_auth_kbd_interact: Starting kbd-in t auth...
Keyboard-interactive:
Password: debug: SshReadPass/readpass.c:198/ssh_read_passphrase: got errno 4, system error Interrupted system call
Спасибо