问题: 配置免密登录失败, 一直提示密码登录
[rancher@pre-rancher-master-1 ~]$ ssh 192.168.110.38
rancher@192.168.110.38's password:
解决办法: 解锁用户
# 解锁用户
[root@i-c3qr76a0 ~]# usermod --unlock rancher
usermod: unlocking the user's password would result in a passwordless account.
You should set a password with usermod -p to unlock this user's password.
# 需要重新设置密码,之前使用ansible创建 没有设置密码
[root@i-c3qr76a0 ~]# passwd rancher
Changing password for user rancher.
New password: xxxxx
# 查看用户是否被锁定
passwd -S rancher
问题原因:用户被锁定(不确定是否跟未配置用户密码相关)
[root@i-c3qr76a0 ~]# tailf /var/log/messages
Jan 12 14:48:44 i-c3qr76a0 sshd[17477]: Connection closed by invalid user rancher 192.168.110.2 port 55212 [preauth]
Jan 12 14:48:46 i-c3qr76a0 sshd[17479]: User rancher not allowed because account is locked
Jan 12 14:50:46 i-c3qr76a0 sshd[17479]: fatal: Timeout before authentication for 192.168.110.2 port 55224
Jan 12 14:55:38 i-c3qr76a0 chronyd[641]: Source 202.112.31.197 replaced with 94.237.64.20
Jan 12 14:59:28 i-c3qr76a0 systemd: Time has been changed
Jan 12 15:01:01 i-c3qr76a0 systemd: Created slice User Slice of root.
Jan 12 15:01:01 i-c3qr76a0 systemd: Started Session 5 of user root.
Jan 12 15:01:01 i-c3qr76a0 systemd: Removed slice User Slice of root.
Jan 12 15:02:24 i-c3qr76a0 sshd[18246]: User rancher not allowed because account is locked
Jan 12 15:02:32 i-c3qr76a0 sshd[18246]: Connection closed by invalid user rancher 192.168.110.2 port 57058 [preauth]
其他:修改目录权限
40 chmod 700 ~/.ssh/authorized_keys
48 chmod 700 ~/.ssh/