Ssh 只有在从其他操作系统装入磁盘时创建文件时，授权密钥权限才会被拒绝

Env:

debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug3: no such identity: /root/.ssh/identity
debug1: Offering public key: /root/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug3: Wrote 368 bytes for a total of 1645
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /root/.ssh/id_dsa
debug3: no such identity: /root/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).

VM A:我想在没有密码的情况下访问的计算机

VM B：我想从机器上访问VM A而不使用密码

问题描述：

debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug3: no such identity: /root/.ssh/identity
debug1: Offering public key: /root/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug3: Wrote 368 bytes for a total of 1645
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /root/.ssh/id_dsa
debug3: no such identity: /root/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).

由于我想不使用密码从VM B访问VM A，我想首先将VM B的公钥注入VM A，但是如果我使用ssh copy，我仍然需要密码，所以我尝试通过挂载来注入文件

步骤：

debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug3: no such identity: /root/.ssh/identity
debug1: Offering public key: /root/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug3: Wrote 368 bytes for a total of 1645
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /root/.ssh/id_dsa
debug3: no such identity: /root/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).

从LiveCD启动vma

装载VM A的根磁盘（包含操作系统）

在${mount\u point}/root/.ssh下创建授权密钥文件/

将VM B的公钥键入授权密钥文件

停止VM A并删除LiveCD，然后再次启动VM A

通过命令从VM B访问VM A

ssh-o UserKnownHostsFile=/dev/null-o StrictHostKeyChecking=no-o PasswordAuthentication=noroot@9.112.224.130

结果：

debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug3: no such identity: /root/.ssh/identity
debug1: Offering public key: /root/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug3: Wrote 368 bytes for a total of 1645
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /root/.ssh/id_dsa
debug3: no such identity: /root/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).

但在我执行了以下命令之后，它就工作了（文件模式都是600，与diff命令没有区别）

所以我再次尝试注入它，但是这次，在从LiveCD开始之前，我创建了一个空的authorized_keys文件，并跳过了步骤3，其他步骤都是一样的，因为这次VM B可以在不使用密码的情况下访问VM A

问题：

debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug3: no such identity: /root/.ssh/identity
debug1: Offering public key: /root/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug3: Wrote 368 bytes for a total of 1645
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /root/.ssh/id_dsa
debug3: no such identity: /root/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).

授权密钥和授权密钥的属性都是相同的，为什么一个有效，一个无效

只有当我创建文件而不是从LiveCD装载时，我授权的\u密钥才能工作

---

ssh副本id将向您询问一次密码，以便将密钥注入远程系统

您显示的日志来自ssh客户端。我们还需要ssh服务器日志来检查ssh服务器无法验证用户凭据的原因

从客户端日志中，我们可以说，它尝试了基于公钥（无密码）的身份验证，但失败了（意味着被服务器拒绝）。所以剩下的方法是“键盘交互”（由服务器支持），但客户端不支持它，所以没有身份验证方法可以尝试，所以失败了

您是否也可以检查以下工作和非工作场景

检查客户端和服务器上用于身份验证的用户公钥 在客户端上->/users/.ssh/id_rsa.pub

---

在服务器上->/etc/ssh/authorized_keys（检查用户名条目）

客户端中的公钥与服务器中的密钥相同。主机名也没有问题，就像我在服务器中执行以下命令时一样。客户端无需密码即可访问服务器mv authorized_keys authorized_keys_bak cp authorized_keys_bak authorized_keys我猜问题在于装载，因为在运行sshd的过程中可能无法访问该位置。当我从服务器运行ssh时，客户端会正常启动，而不是从LiveCD启动，所以你的意思是在装载过程中创建文件时会出现一些问题？是的，这可能是原因。但是这两个文件之间没有区别，一个正常，一个不正常，不可理解，有没有找到根本原因的想法？