论坛徽章:: 0

电梯直达

1楼 [收藏(0)] [报告]

发表于 2006-11-21 09:49 |只看该作者 |倒序浏览

# ssh -v v880b\r\nOpenSSH_4.1p1, OpenSSL 0.9.7g 11 Apr 2005\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: Applying options for *\r\ndebug1: Connecting to v880b [10.0.11.12] port 22.\r\ndebug1: Connection established.\r\ndebug1: permanently_set_uid: 0/0\r\ndebug1: identity file /root/.ssh/identity type -1\r\ndebug1: identity file /root/.ssh/id_rsa type 1\r\ndebug1: identity file /root/.ssh/id_dsa type -1\r\ndebug1: Remote protocol version 2.0, remote software version Sun_SSH_1.0.1\r\ndebug1: match: Sun_SSH_1.0.1 pat Sun_SSH_1.0*\r\ndebug1: Enabling compatibility mode for protocol 2.0\r\ndebug1: Local version string SSH-2.0-OpenSSH_4.1\r\ndebug1: SSH2_MSG_KEXINIT sent\r\ndebug1: SSH2_MSG_KEXINIT received\r\ndebug1: kex: server->client aes128-cbc hmac-md5 none\r\ndebug1: kex: client->server aes128-cbc hmac-md5 none\r\ndebug1: sending SSH2_MSG_KEXDH_INIT\r\ndebug1: expecting SSH2_MSG_KEXDH_REPLY\r\ndebug1: Host \'v880b\' is known and matches the RSA host key.\r\ndebug1: Found key in /root/.ssh/known_hosts:16\r\ndebug1: ssh_rsa_verify: signature correct\r\ndebug1: SSH2_MSG_NEWKEYS sent\r\ndebug1: expecting SSH2_MSG_NEWKEYS\r\ndebug1: SSH2_MSG_NEWKEYS received\r\ndebug1: SSH2_MSG_SERVICE_REQUEST sent\r\ndebug1: SSH2_MSG_SERVICE_ACCEPT received\r\ndebug1: Authentications that can continue: publickey,password\r\ndebug1: Next authentication method: publickey\r\ndebug1: Trying private key: /root/.ssh/identity\r\ndebug1: Offering public key: /root/.ssh/id_rsa\r\nConnection closed by 10.0.11.12\r\n\r\n用一般的用户登录正常。 \r\nsshd_conf中相关配置如下：\r\n# grep -v \"^#\" /etc/ssh/sshd_config | grep \"^[a-zA-Z]\"\r\nProtocol 2\r\nPort 22\r\nListenAddress ::\r\nAllowTcpForwarding no\r\nGatewayPorts no\r\nX11Forwarding no\r\nX11DisplayOffset 10\r\nPrintMotd no\r\nCheckMail no\r\nKeepAlive yes\r\nSyslogFacility auth\r\nLogLevel info\r\nHostKey /etc/ssh/ssh_host_rsa_key\r\nHostKey /etc/ssh/ssh_host_dsa_key\r\nCiphers aes128-cbc,blowfish-cbc,3des-cbc\r\nMACS hmac-sha1,hmac-md5\r\nServerKeyBits 768\r\nKeyRegenerationInterval 3600\r\nStrictModes yes\r\nLoginGraceTime 600\r\nMaxAuthTries 6\r\nMaxAuthTriesLog 3\r\nPermitEmptyPasswords no\r\nPasswordAuthentication yes\r\nPAMAuthenticationViaKBDInt yes\r\nPermitRootLogin yes\r\nSubsystem sftp /usr/lib/ssh/sftp-server\r\nIgnoreRhosts yes\r\nRhostsAuthentication no\r\nRhostsRSAAuthentication no\r\nRSAAuthentication yes\r\n\r\n已经清空known_hosts