今天同事有一个cluster出了点小问题,nodes之间passwdless SSH配不成功。我上去试了一下也不行。 重新generate key也没用。
后来才试着debug,google了一下发现ssh和sshd的debug mode,(或者可以通过man ssh/sshd来得到)
SERVER> /usr/sbin/sshd -d -e
CLIENT > ssh -v hostname
关于几个参数的意思,
man sshd>
-d Debug mode. The server sends verbose debug output to the system log, and does not put itself in the background. The server
also will not fork and will only process one connection. This option is only intended for debugging for the server. Multiple
-d options increase the debugging level. Maximum is 3.
-e When this option is specified, sshd will send the output to the standard error instead of the system log.
man ssh>
-v Verbose mode. Causes ssh to print debugging messages about its progress. This is helpful in debugging connection, authentica-
tion, and configuration problems. Multiple -v options increase the verbosity. The maximum is 3.
这边可以尝试ssh -vvv , sshd -dd来处理,
然后发现在client端发出请求后被拒绝,在log里看到server端打出的信息,原来是人家$HOME目录权限问题,居然为了方便把$HOME权限设成了777…..实在太无语了….改成700后一切正常。
debug2: monitor_read: 3 used once, disabling now
debug2: monitor_read: 4 used once, disabling now
debug1: temporarily_use_uid: 94068/55536 (e=0/0)
debug1: trying public key file /scratch/crsusr/.ssh/authorized_keys
Authentication refused: bad ownership or modes for directory /scratch/crsusr
debug1: restore_uid: 0/0
debug1: temporarily_use_uid: 94068/55536 (e=0/0)
debug1: trying public key file /scratch/crsusr/.ssh/authorized_keys2
debug1: restore_uid: 0/0
