openssh里能否实现public key+passwd的双重认证？？

fei

怎么设？谢了。就是先key认证后再passwd认证。

hongfeng

好像没有这个功能，除非你修改源代码

bigbighd604

这个要通过PAM来实现吧

fei

pam怎么弄？有人能说一下细的步骤吗？

dancingpig

不可以，要密码就没public key

Axin

给密钥加个password试试～～

yongjian

Post by dancingpig
不可以，要密码就没public key

是吗？

1. 
   
2. debug1: Remote protocol version 2.0, remote software version OpenSSH_4.1p1 Debian-6ubuntu1
   
3. debug1: match: OpenSSH_4.1p1 Debian-6ubuntu1 pat OpenSSH*
   
4. debug1: Enabling compatibility mode for protocol 2.0
   
5. debug1: Local version string SSH-2.0-OpenSSH_3.9p1 Debian-1ubuntu2
   
6. debug1: SSH2_MSG_KEXINIT sent
   
7. debug1: SSH2_MSG_KEXINIT received
   
8. debug1: kex: server->client aes128-cbc hmac-md5 none
   
9. debug1: kex: client->server aes128-cbc hmac-md5 none
   
10. debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
    
11. debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    
12. debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    
13. debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    
14. debug1: Host 'ubuntu' is known and matches the RSA host key.
    
15. debug1: Found key in /home/yongjian/.ssh/known_hosts:34
    
16. debug1: ssh_rsa_verify: signature correct
    
17. debug1: SSH2_MSG_NEWKEYS sent
    
18. debug1: expecting SSH2_MSG_NEWKEYS
    
19. debug1: SSH2_MSG_NEWKEYS received
    
20. debug1: SSH2_MSG_SERVICE_REQUEST sent
    
21. debug1: SSH2_MSG_SERVICE_ACCEPT received
    
22. debug1: Authentications that can continue: publickey,keyboard-interactive
    
23. [color=Red]debug1: Next authentication method: publickey[/color]
    
24. debug1: Trying private key: /home/yongjian/.ssh/identity
    
25. debug1: Trying private key: /home/yongjian/.ssh/id_rsa
    
26. debug1: Offering public key: /home/yongjian/.ssh/id_dsa
    
27. debug1: Authentications that can continue: publickey,keyboard-interactive
    
28. [color=Red]debug1: Next authentication method: keyboard-interactive
    
29. Password:[/color]
    

复制代码

好象是先验证用public key,然后再用password的吧。。。

dancingpig

Post by yongjian
是吗？

1. 
   
2. debug1: Remote protocol version 2.0, remote software version OpenSSH_4.1p1 Debian-6ubuntu1
   
3. debug1: match: OpenSSH_4.1p1 Debian-6ubuntu1 pat OpenSSH*
   
4. debug1: Enabling compatibility mode for protocol 2.0
   
5. debug1: Local version string SSH-2.0-OpenSSH_3.9p1 Debian-1ubuntu2
   
6. debug1: SSH2_MSG_KEXINIT sent
   
7. debug1: SSH2_MSG_KEXINIT received
   
8. debug1: kex: server->client aes128-cbc hmac-md5 none
   
9. debug1: kex: client->server aes128-cbc hmac-md5 none
   
10. debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
    
11. debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    
12. debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    
13. debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    
14. debug1: Host 'ubuntu' is known and matches the RSA host key.
    
15. debug1: Found key in /home/yongjian/.ssh/known_hosts:34
    
16. debug1: ssh_rsa_verify: signature correct
    
17. debug1: SSH2_MSG_NEWKEYS sent
    
18. debug1: expecting SSH2_MSG_NEWKEYS
    
19. debug1: SSH2_MSG_NEWKEYS received
    
20. debug1: SSH2_MSG_SERVICE_REQUEST sent
    
21. debug1: SSH2_MSG_SERVICE_ACCEPT received
    
22. debug1: Authentications that can continue: publickey,keyboard-interactive
    
23. [color=Red]debug1: Next authentication method: publickey[/color]
    
24. debug1: Trying private key: /home/yongjian/.ssh/identity
    
25. debug1: Trying private key: /home/yongjian/.ssh/id_rsa
    
26. debug1: Offering public key: /home/yongjian/.ssh/id_dsa
    
27. debug1: Authentications that can continue: publickey,keyboard-interactive
    
28. [color=Red]debug1: Next authentication method: keyboard-interactive
    
29. Password:[/color]
    

复制代码

好象是先验证用public key,然后再用password的吧。。。

啊，难道偶记错了？我去看看484我看的配置把password关了先~~~~寒个~