docker and ssh issues

docker run -i -t qcdatainc/centos-jdk
yum update

yum install openssh-server

ssh -vvv -p 222 jenkins@172.17.0.17 //investigate ssh problems.

解决问题的思路:
1、先看看ssh服务是否启动。(service sshd status)
2、检查iptables防火墙是否拦截。(iptables -L)
3、检查/etc/hosts.allow,/etc/hosts.deny配置文件

SSH 客户端登陆以后自动退出

用-v 调试 部分日志:

ssh -v root@127.0.0.1 -p 23

23端口映射docker的一个centos容器

debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Next authentication method: password
root@127.0.0.1's password:
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = zh_CN.UTF-8
Last login: Mon Jun 23 12:52:01 2014 from 172.17.42.1
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
debug1: channel 0: free: client-session, nchannels 1
Connection to 127.0.0.1 closed.
Transferred: sent 1912, received 2128 bytes, in 0.0 seconds
Bytes per second: sent 55065.8, received 61286.6
debug1: Exit status 254
此问题 解决方案:

/etc/ssh/sshd_config 中的UsePAM yes 改成no

即可登录。

或者在docker file中加入

RUN sed -ri 's/UsePAM yes/#UsePAM yes/g' /etc/ssh/sshd_config
RUN sed -ri 's/#UsePAM no/UsePAM no/g' /etc/ssh/sshd_config

 

如果添加指纹的时候提示添加失败,是因为你以前添加过了这个ip的指纹。

   解决办法:将.ssh目录的known_hosts文件删除掉(好粗暴啊( ⊙ o ⊙ )啊!),也可以打开这个文件把对于ip的那条记录删除(这个就精细多了O(∩_∩)O哈哈~)

  如果操作步骤都正确,但是依然要求输入密码。一般是因为权限的问题。命令如下

chmod 644 ~/.ssh/authorized_keys

 

今天在服务器上执行远程操作命令出现以下的问题:
[root@www ~]# ssh 205.209.161.**
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
6c:74:2a:d5:ae:2b:76:51:*:*.

解决方法:
在正在操作的机器上执行
vi ~/.ssh/known_hosts
 
进入此目录,删除的205.209.161.**相关rsa的信息即可.
或者删除这个文件
cd ~/.ssh/
rm known_hosts

posted on 2015-07-31 09:39  szllq2000  阅读(479)  评论(1编辑  收藏  举报