我想将公共密钥授权添加到我的sftp chroot目录中,但我始终得到:
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/test/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey).
Couldn't read packet: Connection reset by peer
Chroot之所以有效,是因为可以使用密码进行授权。我在此主机上没有chroot的其他帐户,并且可以使用此密钥。我尝试了很多次,但还是没用。
在auth.log中的服务器上只有:连接被xxx [preauth]关闭>
这是我的目录:
ls -laR /sftp/ /sftp/: total 12 drwxr-xr-x 3 root root 4096 May 3 16:55 . drwxr-xr-x 23 root root 4096 May 3 14:46 .. drwxr-xr-x 3 root root 4096 May 3 16:45 backup /sftp/backup: total 12 drwxr-xr-x 3 root root 4096 May 3 16:45 . drwxr-xr-x 3 root root 4096 May 3 16:55 .. drwxr-xr-x 3 backup sftpusers 4096 May 3 16:55 incoming /sftp/backup/incoming: total 12 drwxr-xr-x 3 backup sftpusers 4096 May 3 16:55 . drwxr-xr-x 3 root root 4096 May 3 16:45 .. drwx------ 2 backup sftpusers 4096 May 3 21:06 .ssh /sftp/backup/incoming/.ssh: total 12 drwx------ 2 backup sftpusers 4096 May 3 21:06 . drwxr-xr-x 3 backup sftpusers 4096 May 3 16:55 .. -rw------- 1 backup sftpusers 391 May 3 21:06 authorized_keys
我的用户:
backup:x:1002:1003::/incoming:/usr/sbin/nologin
我的ssh配置:
Match Group sftpusers ChrootDirectory /sftp/%u AuthorizedKeysFile /sftp/backup/incoming/.ssh/authorized_keys ForceCommand internal-sftp AllowTcpForwarding no X11Forwarding no
请帮助。
我想将公共密钥授权添加到我的sftp chroot目录中,但我始终得到:debug1:下一种身份验证方法:publickey debug1:提供RSA公共密钥:/home/test/.ssh/id_rsa debug3:...
我尝试了此解决方案(将AuthorizedKeysFile放入Match块,并且sshd -T
抱怨:
/etc/ssh/sshd_config line 153: Directive 'AuthorizedKeysFile' is not allowed within a Match block
问题已解决。
斯蒂芬·布坎南(Stephen Buchanan)的回答对我帮助很大,但我有一个问题。为什么不将“传入”文件夹放入/ sftp / backup / home / backup?当我通过sftp进入服务器时,无论如何我最终都位于该特定文件夹中,因此也有必要在其中放入“传入”,这样我就不必cd了,对吗?或者我不是要sftp到/ sftp / backup / home / backup吗?我假设我从那里开始,因为它被视为主目录,对吧?