
SSH trust configuration: a non-root user is still asked for a password

I set up root-to-root SSH trust between two AIX 6100-05-05-1112 machines successfully; no password is needed.
root user:
p55a_csha2:/#ssh p550_csha1 date
Thu Sep 20 11:22:13 BEIST 2012

When I configure a non-root user the same way, it prompts for a password. The configuration is as follows:

sshd_config was modified as follows:
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile      ~/.ssh/authorized_keys
No other parameters were changed.

grid user:
p55a_csha2:/home/grid/.ssh$ssh p550_csha1 date
grid@p550_csha1's password:
Thu Sep 20 11:20:59 BEIST 2012

rsh, on the other hand, needs no password:
p55a_csha2:/home/grid/.ssh$rsh p550_csha1 date
Thu Sep 20 11:21:06 BEIST 2012

The .rhosts file:
p55a_csha2:/home/grid$cat .rhosts
+

p55a_csha2:/home/grid/.ssh$ls -lt
total 48
-rw-r--r--    1 grid     oinstall        812 Sep 20 10:14 known_hosts
-rw-------    1 grid     oinstall       2004 Sep 20 10:13 authorized_keys
-rw-------    1 grid     oinstall        668 Sep 20 10:10 id_dsa
-rw-r--r--    1 grid     oinstall        605 Sep 20 10:10 id_dsa.pub
-rw-------    1 grid     oinstall       1675 Sep 20 10:04 id_rsa
-rw-r--r--    1 grid     oinstall        397 Sep 20 10:04 id_rsa.pub
p55a_csha2:/home/grid/.ssh$cat authorized_keys
ssh-rsa  **** grid@p550_csha1
ssh-rsa  **** grid@p55a_csha2
ssh-dss  **** grid@p550_csha1
ssh-dss  **** grid@p55a_csha2

12 answers

yyt609 · Systems operations engineer · 宁波国研软件技术有限公司
I'm just here to learn from others' experience!
System integration · 2012-10-29
smartlexus · Systems operations engineer · smart
Prerequisite: the grid user on node1 and node2 has run ssh-keygen, which created the .ssh directory;
on node1 the .pub file contents were imported into authorized_keys, node2's .pub file was also imported into node1's authorized_keys, and authorized_keys was then copied to $HOME/.ssh on node2.
For the details of SSH trust configuration, see the material available online.

This post addresses the case where, after the grid trust configuration is complete, ssh nodename date still asks for a password.

The resolution process was as follows:
1) In /etc/ssh/sshd_config, turn on SSH debug logging, in this format:
SyslogFacility  AUTH
Loglevel  debug

2) Stop the SSH subsystem: stopsrc -s sshd
3) Start the SSH subsystem: startsrc -s sshd

4) Run /usr/sbin/sshd -ddd to debug; it prints the sshd parameter settings, so you can confirm the auth logging configuration
#/usr/sbin/sshd -ddd

5) In the syslog daemon's configuration file /etc/syslog.conf, set the auth facility to the debug level and send the messages to /var/log/secure; make sure that file exists. Add the following entry to /etc/syslog.conf:
auth.debug  /var/log/secure
then refresh -s sshd

The steps above are executed as root on both node1 and node2.

6) On node1, run ssh -vvv node2 as the grid user, and at the same time watch the secure log on node2:
$tail -f /var/log/secure
The log says /.ssh/authorized_keys cannot be opened; grid may still be authenticating against root's authorized_keys file instead of /home/grid/.ssh/authorized_keys

7) Log in to node2 as root and change the permissions of root's .ssh directory:
chmod 755 /.ssh
chmod 644 /.ssh/authorized_keys

8) On node2, import the contents of the grid user's authorized_keys into root's /.ssh/authorized_keys
cat /home/grid/.ssh/authorized_keys>> /.ssh/authorized_keys

9) On node1, run ssh node2 date as the grid user; it returns the date successfully with no password prompt
Internet services · 2012-10-10
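Serving both the sshd_config and permission listing in the question and the debugging steps in the answer above, here is an added example (not code from the thread): the log in step 6 shows sshd opening /.ssh/authorized_keys, root's file since root's home on AIX is /, while authenticating grid, which is what you get when the leading ~ in that AuthorizedKeysFile line is expanded against the daemon's own uid rather than the connecting user's. The script resolves the path with the documented %h/%u tokens instead and checks the StrictModes ownership and write-bit conditions under which sshd ignores the file and the client falls back to a password prompt. Function names such as audit_pubkey_auth are my own; it assumes POSIX sh with ls, cut, awk and sed.

```shell
#!/bin/sh
# Added example, not code from the thread: resolve which authorized_keys file
# sshd reads for a user, and check the StrictModes conditions (right owner,
# no group/other write bit on home, .ssh and the key file) whose failure
# makes sshd skip the file so the client silently falls back to a password.
# Assumes POSIX sh with ls, cut, awk and sed, which AIX and Linux both have.

# Expand AuthorizedKeysFile the way the sshd_config manual documents it:
# %h -> home directory, %u -> user name, relative path -> relative to home.
# A leading ~ is not a documented token, so it is kept literally and flagged.
resolve_authorized_keys_file() {
    value=$1 home=$2 user=$3
    case $value in
        '~'*) echo "WARN: use %h rather than ~ in AuthorizedKeysFile" >&2 ;;
    esac
    out=$(printf '%s\n' "$value" | sed -e "s|%h|$home|g" -e "s|%u|$user|g")
    case $out in
        /*) printf '%s\n' "$out" ;;
        *)  printf '%s/%s\n' "${home%/}" "$out" ;;
    esac
}

# Succeed only if $1 exists, is owned by $2 and has no group/other write bit;
# the mode string is read from ls -ld because AIX may not ship stat(1).
strict_mode_ok() {
    info=$(ls -ld "$1" 2>/dev/null) || return 1
    mode=$(printf '%s\n' "$info" | cut -c1-10)           # e.g. drwxr-xr-x
    owner=$(printf '%s\n' "$info" | awk '{print $3}')
    [ "$owner" = "$2" ] || return 1
    case $mode in ?????w*|????????w*) return 1 ;; esac   # g+w or o+w set
    return 0
}

# Check home, home/.ssh and the resolved key file for user $2: print one line
# per problem and return the number of problems (0 means the file checks
# that precede public-key authentication would pass).
audit_pubkey_auth() {
    home=$1 user=$2 keyfile=$3 problems=0
    for p in "$home" "$home/.ssh" "$keyfile"; do
        strict_mode_ok "$p" "$user" && continue
        echo "BAD  $p  (missing, not owned by $user, or group/other writable)"
        problems=$((problems + 1))
    done
    return $problems
}
```

Appending grid's public keys to /.ssh/authorized_keys, as step 8 above does, means anyone holding those grid private keys can also log in as root; setting AuthorizedKeysFile %h/.ssh/authorized_keys (or the default .ssh/authorized_keys) keeps each account's keys in its own home directory instead.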
szhangkang · Project manager · aaa
The problem is solved but the resolution steps aren't posted; please share them.
Internet services · 2012-09-25
永远在学习 · Alliance member · Systems operations engineer · System administrator
:L My eyes glaze over just looking at this...
Government agency · 2012-09-25
colins · Systems engineer · Financial industry
Reply to 8# smartlexus

It should be fine. Post the resolution process and I'll give you points later.
Bank · 2012-09-25
smartlexus · Systems operations engineer · smart
Already solved, but I can't close my own thread
Internet services · 2012-09-24
smartlexus · Systems operations engineer · smart
1) Turn on debug logging in /etc/ssh/sshd_config:
SyslogFacility  AUTH
Loglevel  debug
2) stopsrc -s sshd
3) startsrc -s sshd
4) In /etc/syslog.conf, set auth to the debug level
auth.debug  /var/log/secure
then refresh -s sshd
5) On node1, run ssh -vvv node2 as the grid user, and at the same time watch the secure log on node2 with tail -f /var/log/secure
It reports that /.ssh/authorized_keys cannot be opened; grid may still be using root's authorized_keys file
6) Log in to node2 as root and change the permissions of root's .ssh:
chmod 755 .ssh
chmod 644 /.ssh/authorized_keys
7) Import the contents of the grid user's authorized_keys into root's .ssh/authorized_keys
cat /home/grid/.ssh/authorized_keys>> /.ssh/authorized_keys
8) ssh node2 date returns the date successfully, no password needed
Internet services · 2012-09-24
smartlexus · Systems operations engineer · smart
Attaching root's debug output:
p55a_csha2:/#ssh p550_csha1 date
Thu Sep 20 13:24:51 BEIST 2012
p55a_csha2:/#ssh -vvv p550_csha1
OpenSSH_5.4p1, OpenSSL 0.9.8m 25 Feb 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Failed dlopen: /usr/krb5/lib/libkrb5.a(libkrb5.a.so):   0509-022 Cannot load module /usr/krb5/lib/libkrb5.a(libkrb5.a.so).
        0509-026 System error: A file or directory in the path name does not exist.

debug1: Error loading Kerberos, disabling Kerberos auth.
debug2: ssh_connect: needpriv 0
debug1: Connecting to p550_csha1 [192.168.10.12] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug3: Not a RSA1 key file /.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /.ssh/id_rsa type 1
debug1: identity file /.ssh/id_rsa-cert type -1
debug1: identity file /.ssh/id_dsa type -1
debug1: identity file /.ssh/id_dsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.4
debug1: match: OpenSSH_5.4 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.4
debug2: fd 4 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 139/256
debug2: bits set: 499/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: host p550_csha1 filename /.ssh/known_hosts
debug3: check_host_in_hostfile: host p550_csha1 filename /.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug3: check_host_in_hostfile: host 192.168.10.12 filename /.ssh/known_hosts
debug3: check_host_in_hostfile: host 192.168.10.12 filename /.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host 'p550_csha1' is known and matches the RSA host key.
debug1: Found key in /.ssh/known_hosts:1
debug2: bits set: 495/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /.ssh/id_rsa (20061378)
debug2: key: /.ssh/id_dsa (0)
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: start over, passed a different list publickey,password,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug2: input_userauth_pk_ok: fp ba:cb:13:ee:43:b7:00:cf:5f:f6:11:65:62:b4:55:20
debug3: sign_and_send_pubkey
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug2: callback start
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug2: channel 0: request shell confirm 1
debug2: fd 4 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel_input_status_confirm: type 99 id 0
debug2: PTY allocation request accepted on channel 0
debug2: channel 0: rcvd adjust 2097152
debug2: channel_input_status_confirm: type 99 id 0
debug2: shell request accepted on channel 0
Last unsuccessful login: Wed Sep 19 15:44:26 BEIST 2012 on ssh from 192.168.10.200
Last login: Thu Sep 20 13:24:51 BEIST 2012 on ssh from p55a_csha2
*******************************************************************************
*                                                                             *
*                                                                             *
*  Welcome to AIX Version 6.1!                                                *
*                                                                             *
*                                                                             *
*  Please see the README file in /usr/lpp/bos for information pertinent to    *
*  this release of the AIX Operating System.                                  *
*                                                                             *
*                                                                             *
*******************************************************************************

This differs from what the grid user gets.
Internet services · 2012-09-20
smartlexus · Systems operations engineer · smart
Reply to 2# itmer.net
Changing it to the owner's permissions didn't help either
Internet services · 2012-09-20
xxniao520 · Technical director · winning
debug1: Connecting to p550_csha1 [192.168.10.12] port 22.
debug1: Connection established.
debug3: Not a RSA1 key file /home/grid/.ssh/id_rsa.

debug3: Not a RSA1 key file /home/grid/.ssh/id_dsa.

It looks like the P550 side isn't configured properly.
System integration · 2012-09-20

Asked by

smartlexus
Systems operations engineer · smart

Question status

  • Posted: 2012-09-20
  • Followers: 1
  • Views: 17266
  • Last answered: 2012-10-29