SSH 设置免密登录遇到的报错， Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

连 ssh 时加-vvv 参数，看具体的 Log 分析原因。

私钥的权限设置为 600 了吗？ ~/.ssh/id_rsa

SELinux 问题? 试试 restorecon -r ~/.ssh

@indust 关闭了

@maikcn 设置了的

@lifanxi 怎么理解？菜鸟实在不懂 哈哈

http://laowafang.blog.51cto.com/251518/1364298
你看这个行不行啊

报这个错误，应该是你的公钥和私钥没有配对好。

ssh user@ip -v

看看具体报什么错误。

@noobsheldon 谢谢，这个看过，没用，哈哈

@zzandlove 你是什么系统啊

手工添加的 key 可以参考下我的脚本：

https://coding.net/u/boypt/p/ptcoding/git/raw/master/bash/addkey.sh

如果是 rh 系的要注意 selinux ，用命令

restorecon -R -v $HOME/.ssh

前两天用 google cloud ，想改成 root 直接登录也遇到相同的问题
改 sshd_config ， PermitRootLogin yes ，重启 sshd 服务
然后执行了几个命令，突然就好了，不知道对你有没有帮助
chown -R root:root ~/.ssh
chmod 600 ~/.ssh/authorized_keys
restorecon -r -vv ~/.ssh

@vultr

penSSH_6.6.1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /root/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 56: Applying options for *
debug1: Connecting to 我的 IP [我的 IP] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1
debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5-etm@openssh.com none
debug1: kex: client->server aes128-ctr hmac-md5-etm@openssh.com none
debug1: kex: curve25519-sha256@libssh.org need=16 dh_need=16
debug1: kex: curve25519-sha256@libssh.org need=16 dh_need=16
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA 7b:70:a2:01:de:01:13:68:9f:38:2a:32:11:a0:60:7e
debug1: Host ‘我的 IP' is known and matches the ECDSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available

debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available

debug1: Unspecified GSS failure. Minor code may provide more information


我改了默认的 22 端口，改成其他的了

@noobsheldon CentOS 7 64

chmod 600 '密钥'

@sunnyyj 谢谢

@aaronzjw 是 600 哦

我有个问题是在 .ssh 里面做了 config 分配，但是每次重启都要执行：`ssh-add -K ~/.ssh/id_rsa` 才可以。谁知道怎么破？

@zzandlove 自己搜吧，关键词： No Kerberos credentials available

@vultr 好咧，十分感谢大神，我研究研究去