=Start=
缘由:
简单记录一下前段时间出现的ssh登录异常问题的处理办法,方便以后参考。
正文:
参考解答:
现象:ssh突然登录不上云机器了
$ ssh [email protected]
[email protected]: Permission denied (publickey,keyboard-interactive).
$ ssh -vv [email protected]排查过程:
- 通过web控制台登录其它账号进行查看
systemctl status sshd
sshd -t- 发现错误提示:
error: Could not load host key: /etc/ssh/ssh_host_dsa_key
找到相关文章说明:
$ ls -al /etc/ssh/ssh*key
$ sudo rm -r /etc/ssh/ssh*key
$ sudo systemctl restart sshd
# 或
$ sudo ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
$ sudo ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
$ sudo ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key
$ ls -al /etc/ssh/ssh*key - 然后再尝试登录,依旧报错,不过换了一个错误提示:
sshd user xxx not allowed because account is locked - 又找到相关说明,进行尝试
# 更新 sshd 的配置文件
# vim /etc/ssh/sshd_config
+ UsePAM yes
# PasswordAuthentication yes 安装时一般也默认有这个配置,如果没了也需要加上
# systemctl restart sshd
# systemctl status sshd
或
# 直接修改 /etc/shadow 文件(这个办法暂未实际测试)
# sed -i s/my-username:!/"my-username:*"/g /etc/shadow问题解决。
参考链接:
Linux有问必答:如何修复“sshd error: could not load host key”
https://linux.cn/article-4226-1.html
How to fix “sshd error: could not load host key”
https://www.xmodulo.com/sshd-error-could-not-load-host-key.html
User username not allowed because account is locked #35
https://github.com/camptocamp/puppet-accounts/issues/35
ssh免密失败,报错user not allowed because account is locked
https://www.cnblogs.com/mingfan/p/13818902.html
ssh报user not allowed because account is locked错误
https://blog.csdn.net/weixin_41875646/article/details/84777346
=END=
《“ssh异常登录问题处理记录”》 有 2 条评论
用scp进行文件传递时提示“subsystem request failed on channel 1”
`
添加 -O 选项解决了我的这个问题。
try to use -O option with scp. This solved the same issue in my case with 9.0p1.
It forces to use the legacy SCP protocol for file transfers instead of the SFTP protocol. Use of the SCP protocol may be necessary for servers that do not implement SFTP, for backwards-compatibility for particular filename wildcard patterns and for expanding paths with a ‘~’ prefix for older SFTP servers.
`
subsystem request failed on channel 0 scp: Connection closed – Macbook
https://stackoverflow.com/questions/74311661/subsystem-request-failed-on-channel-0-scp-connection-closed-macbook
subsystem request failed on channel 0,scp: connection closed
https://github.com/PowerShell/Win32-OpenSSH/issues/1945
sshd error: Error checking authentication key RSA SHA256: in revoked keys file /etc/ssh/sshd_revoked_keys: No such file or directory
How to Revoke SSH Keys
https://docs.rundeck.com/docs/learning/howto/revoke-ssh-keys.html
`
# touch /etc/ssh/sshd_revoked_keys
# ls -l /etc/ssh/sshd_revoked_keys
`
How to revoke specific key used to login with OpenSSH
https://sleeplessbeastie.eu/2020/02/17/how-to-revoke-specific-key-used-to-login-with-openssh/