当前位置:   article > 正文

SSH登陆出现Permission denied (publickey)错误解决方案_ssh permission denied (publickey).

ssh permission denied (publickey).

现象,SSH登陆出现Permission denied (publickey)

[oracle@k8scloud ~]$ ssh oracle@xxx.xxx.xxx.xxx
The authenticity of host 'xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx)' can't be established.
ECDSA key fingerprint is SHA256:aXDVFpERDzF1a00CAoBK5/CpFTcv4sI5Gp9vU+zewLU.
ECDSA key fingerprint is MD5:00:a1:b8:24:bb:bd:ca:50:30:d0:fa:f6:4e:d7:20:c2.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'xxx.xxx.xxx.xxx' (ECDSA) to the list of known hosts.
Permission denied (publickey).
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7

确认sshd的进程

发现进程里多了"/usr/sbin/sshd -D -E /var/log/gitlab/supervisor/sshd.log"。

[oracle@k8scloud ~]$ ps -ef|grep ssh
root      1028     1  0 09:20 ?        00:00:00 /usr/sbin/sshd -D
root      1124  1028  0 09:20 ?        00:00:00 sshd: oracle [priv]
oracle    1192  1124  0 09:20 ?        00:00:00 sshd: oracle@pts/0
root      1345  1028  0 09:20 ?        00:00:00 sshd: root@pts/1
root     12856 10579  0 09:21 ?        00:00:00 /usr/sbin/sshd -D -E /var/log/gitlab/supervisor/sshd.log
oracle   26769  1198  0 09:34 pts/0    00:00:00 grep --color=auto ssh
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7

分析原因

主机上运行的kubernetes集群,集群中安装了gitlab,gitlab服务使用TYPE为LoadBalancer,LoadBalancer的EXTERNAL-IP为本机IP(使用Metallb时设置IP取值方范围只用本机IP),并且在PORT(S)里使用了22端口,所以和主机发生了冲突。

[oracle@k8scloud ~]$ kubectl get svc -n public-service
NAME              TYPE           CLUSTER-IP       EXTERNAL-IP      PORT(S)                     AGE
gitlab-balancer   LoadBalancer   10.96.94.71      172.16.100.136   80:32545/TCP,22:30022/TCP   2d18h
  • 1
  • 2
  • 3

解决方法

将gitlab服务使用的PORT(S)从22端口改为其他端口,比如2222。

kubectl edit svc gitlab-balancer -n public-service
  • 1

确认修改结果

[oracle@k8scloud ~]$ kubectl get svc -n public-service
NAME              TYPE           CLUSTER-IP       EXTERNAL-IP      PORT(S)                       AGE
gitlab-balancer   LoadBalancer   10.96.94.71      172.16.100.136   80:32545/TCP,2222:30022/TCP   2d18h
  • 1
  • 2
  • 3

再次尝试ssh链接,ok

[oracle@k8scloud ~]$ ssh oracle@xxx.xxx.xxx.xxx
Last login: Sat Jan  9 09:44:44 2021 from xxx.xxx.xxx.xxx

Welcome to Alibaba Cloud Elastic Compute Service !

  • 1
  • 2
  • 3
  • 4
  • 5

完结!

声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/Monodyee/article/detail/169618
推荐阅读
相关标签
  

闽ICP备14008679号