사용자가 SSH에 로그인하는 것을 방지하는 다른 설정이 있습니까?

tag-icon tag-icon linux ssh
사용자가 SSH에 로그인하는 것을 방지하는 다른 설정이 있습니까?

따라서 원격 Linux 서버에 두 명의 사용자가 있습니다: , 및 userA동일한 방식으로 userB로컬을 추가했습니다. id_rsa.pu파일 권한과 소유권은 괜찮지만 그렇게 하면 다음과 같습니다.authorized_keysssh remoteServeruserAuserB

이것은 로그입니다ssh -vvv

좋은 것:ssh -vvv userA@ip

debug2: key: /Users/sato/.ssh/id_rsa (0x7fac52415cc0), explicit
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:****************************************** /Users/sato/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug2: input_userauth_pk_ok: fp SHA256:*******************************************
debug1: Authentication succeeded (publickey).
Authenticated to *************** (*********************).

나쁜 점:ssh -vvv userB@ip

debug2: key: /Users/sato/.ssh/id_rsa (0x7faf19c186a0), explicit
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:****************************************** /Users/sato/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,keyboard-interactive
debug2: we did not send a packet, disable method
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug1: Authentications that can continue: publickey,keyboard-interactive
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
********************: Permission denied (publickey,keyboard-interactive).

userB로 로그인할 수 없는 이유는 무엇입니까?

# ls -ld /home/userB
drwxr-xr-x 7 userB userB 4096 2018-03-29 18:29 /home/userB
# ls -ld /home/userB/.ssh/
drwx------ 2 userB userB 4096 2018-03-30 10:45 /home/userB/.ssh/
# ls -l /home/userB/.ssh/
total 16
-rw------- 1 userB userB  805 2018-03-30 10:45 authorized_keys
-rw------- 1 userB userB 1675 2018-02-15 16:15 id_rsa
-rw-r--r-- 1 userB userB  400 2018-02-15 16:15 id_rsa.pub
-rw-r--r-- 1 userB userB 1300 2018-02-15 16:27 known_hosts

# ls -ld /home/userA
drwxr-xr-x 21 userA userA 4096 2018-03-21 16:13 /home/userA
# ls -ld /home/userA/.ssh/
drwx------ 2 userA userA 4096 2018-03-30 10:45 /home/userA/.ssh/
# ls -l /home/userA/.ssh/
total 128
-rw------- 1 userA userA    805 2018-03-30 10:45 authorized_keys
-rw------- 1 userA userA   3243 2018-01-05 17:09 id_rsa
-rw-r--r-- 1 userA userA    747 2018-01-05 17:09 id_rsa.pub
-rw-r--r-- 1 userA userA 104246 2018-03-06 15:09 known_hosts

sshd_config:

HostKey /etc/ssh/ssh_host_key
HostDsaKey /etc/ssh/ssh_host_dsa_key
ServerKeyBits 768
LoginGraceTime 120
KeyRegenerationInterval 3600
PermitRootLogin no
IgnoreRhosts no
StrictModes yes
X11Forwarding yes
X11DisplayOffset 10
PrintMotd yes
KeepAlive yes
SyslogFacility AUTH
LogLevel VERBOSE
RhostsRSAAuthentication no
RSAAuthentication yes
PasswordAuthentication no
PermitEmptyPasswords no

관련 정보