本机sshd服务开启但是其他机器不能登陆

 

问题现象:

发现本机sshd服务开启但是其他机器不能登陆

查看sshd服务

[root@localhost ~]# systemctl status sshd.service 
● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2017-06-18 03:55:51 PDT; 21min ago
     Docs: man:sshd(8)
           man:sshd_config(5)
  Process: 3789 ExecStart=/usr/sbin/sshd $OPTIONS (code=exited, status=0/SUCCESS)
 Main PID: 3791 (sshd)
   CGroup: /system.slice/sshd.service
           └─3791 /usr/sbin/sshd

Jun 18 04:17:07 localhost.localdomain sshd[4304]: error: bad permissions: ignore key: /etc/ssh/ssh_host_ecdsa_key
Jun 18 04:17:07 localhost.localdomain sshd[4304]: error: Could not load host key: /etc/ssh/ssh_host_ecdsa_key
Jun 18 04:17:07 localhost.localdomain sshd[4304]: error: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Jun 18 04:17:07 localhost.localdomain sshd[4304]: error: @         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
Jun 18 04:17:07 localhost.localdomain sshd[4304]: error: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Jun 18 04:17:07 localhost.localdomain sshd[4304]: error: Permissions 0604 for '/etc/ssh/ssh_host_ed25519_key' are too open.
Jun 18 04:17:07 localhost.localdomain sshd[4304]: error: It is required that your private key files are NOT accessible by others.
Jun 18 04:17:07 localhost.localdomain sshd[4304]: error: This private key will be ignored.
Jun 18 04:17:07 localhost.localdomain sshd[4304]: error: bad permissions: ignore key: /etc/ssh/ssh_host_ed25519_key
Jun 18 04:17:07 localhost.localdomain sshd[4304]: error: Could not load host key: /etc/ssh/ssh_host_ed25519_key

解决方法:可以很容易看出来这是因为ssh服务的配置文件的访问权限有问题,配置文件路径为/etc/ssh,将这些文件的权限修改为如下即可:

[root@localhost ssh]# ls -al
total 288
drwxr-xr-x.   2 root root        225 Jun 18 03:55 .
drwxr-xr-x. 138 root root       8192 Jun 18 03:54 ..
-rw-r--r--.   1 root root     242153 Nov 11  2016 moduli
-rw-r--r--.   1 root root       2208 Nov 11  2016 ssh_config
-rw-r--r--    1 root root       4362 Jun 18 03:55 sshd_config
-rw-------.   1 root ssh_keys    227 May 31 18:43 ssh_host_ecdsa_key
-rw-r--r--.   1 root root        162 May 31 18:43 ssh_host_ecdsa_key.pub
-rw-------.   1 root ssh_keys    387 May 31 18:43 ssh_host_ed25519_key
-rw-r--r--.   1 root root         82 May 31 18:43 ssh_host_ed25519_key.pub
-rw-------.   1 root ssh_keys   1679 May 31 18:43 ssh_host_rsa_key
-rw-r--r--.   1 root root        382 May 31 18:43 ssh_host_rsa_key.pub
[root@localhost ssh]#

 

posted @ 2017-06-18 19:43  李学文  阅读(2201)  评论(0编辑  收藏  举报
levels of contents