SSH无法使用root pasword登录

分享于 

20分钟阅读

互联网

  繁體

问题:

root使用.ssh/authorized_keys登录,但是不实用,因为它是只读的文件系统,Telnet root登录也有效。

/etc/ssh/sshd_config


Subsystem sftp = /usr/libexec/sftp-server


PermitRootLogin = yes


PasswordAuthentication = yes


ChallengeResponseAuthentication = yes



/etc/passwd


root:CD.Dnox5Dc2RQ:0:0:root:/home/root:/bin/sh


daemon:x:1:1:daemon:/usr/sbin:/bin/false


bin:x:2:2:bin:/bin:/bin/false


sys:x:3:3:sys:/dev:/bin/false


sync:x:4:100:sync:/bin:/bin/sync


mail:x:8:8:mail:/var/spool/mail:/bin/false


www-data:x:33:33:www-data:/var/www:/bin/false


operator:x:37:37:Operator:/var:/bin/false


test:<hash>/:100:100:user:/home/test:/bin/sh


nobody:x:99:99:nobody:/home:/bin/false


sshd:x:1000:1000:SSH drop priv user:/:/bin/false



/etc/shadow


 daemon:*:10933:0:99999:7:::


 bin:*:10933:0:99999:7:::


 sys:*:10933:0:99999:7:::


 sync:*:10933:0:99999:7:::


 mail:*:10933:0:99999:7:::


 www-data:*:10933:0:99999:7:::


 operator:*:10933:0:99999:7:::


 nobody:*:10933:0:99999:7:::


 sshd:*:::::::



ssh -v root@device


OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n 7 Dec 2017



debug1: Reading configuration data /etc/ssh/ssh_config


debug1: /etc/ssh/ssh_config line 19: Applying options for *


debug1: Connecting to device [192.168.10.202] port 22.


debug1: Connection established.


debug1: identity file /home/jenia/.ssh/id_rsa type 0


debug1: key_load_public: No such file or directory


debug1: identity file /home/jenia/.ssh/id_rsa-cert type -1


debug1: key_load_public: No such file or directory


debug1: identity file /home/jenia/.ssh/id_dsa type -1


debug1: key_load_public: No such file or directory


debug1: identity file /home/jenia/.ssh/id_dsa-cert type -1


debug1: key_load_public: No such file or directory


debug1: identity file /home/jenia/.ssh/id_ecdsa type -1


debug1: key_load_public: No such file or directory


debug1: identity file /home/jenia/.ssh/id_ecdsa-cert type -1


debug1: key_load_public: No such file or directory


debug1: identity file /home/jenia/.ssh/id_ed25519 type -1


debug1: key_load_public: No such file or directory


debug1: identity file /home/jenia/.ssh/id_ed25519-cert type -1


debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3


debug1: Remote protocol version 2.0, remote software version OpenSSH_7.1


debug1: match: OpenSSH_7.1 pat OpenSSH* compat 0x04000000


debug1: Authenticating to device:22 as 'root'


debug1: SSH2_MSG_KEXINIT sent


debug1: SSH2_MSG_KEXINIT received


debug1: kex: algorithm: curve25519-sha256@libssh.org


debug1: kex: host key algorithm: ecdsa-sha2-nistp256


debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none


debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none


debug1: expecting SSH2_MSG_KEX_ECDH_REPLY



debug1: Server host key: ecdsa-sha2-nistp256 SHA256:VY8wYy/5GDoAl39tVLWHtJcUaDFUfLR1/3hiTBbv+ww


 The authenticity of host 'device (192.168.10.202)' can not be established.


 ECDSA key fingerprint is SHA256:VY8wYy/5GDoAl39tVLWHtJcUaDFUfLR1/3hiTBbv+ww.


 Are you sure you want to continue connecting (yes/no)? yes


 Warning: Permanently added 'device,192.168.10.202' (ECDSA) to the list of known hosts.



debug1: rekey after 134217728 blocks


debug1: SSH2_MSG_NEWKEYS sent


debug1: expecting SSH2_MSG_NEWKEYS


debug1: SSH2_MSG_NEWKEYS received


debug1: rekey after 134217728 blocks


debug1: SSH2_MSG_SERVICE_ACCEPT received


debug1: Authentications that can continue: publickey,password,keyboard-interactive


debug1: Next authentication method: publickey


debug1: Offering public key: RSA SHA256:+pbphA33IlRNVBroM+DLokCIZII2eSzo095QDT16gNI /home/jenia/.ssh/id_rsa


debug1: Authentications that can continue: publickey,password,keyboard-interactive


debug1: Trying private key: /home/jenia/.ssh/id_dsa


debug1: Trying private key: /home/jenia/.ssh/id_ecdsa


debug1: Trying private key: /home/jenia/.ssh/id_ed25519


debug1: Next authentication method: keyboard-interactive


debug1: Authentications that can continue: publickey,password,keyboard-interactive



debug1: Next authentication method: password


 root@device password:



debug1: Authentications that can continue: publickey,password,keyboard-interactive


 Permission denied, please try again.



  • /usr/sbin/sshd -ddd

debug2: load_server_config: filename /etc/ssh/sshd_config


debug2: load_server_config: done config len = 244


debug2: parse_server_config: config /etc/ssh/sshd_config len 244


debug3: /etc/ssh/sshd_config:54 setting AuthorizedKeysFile .ssh/authorized_keys


debug3: /etc/ssh/sshd_config:110 setting UsePrivilegeSeparation sandbox 


debug3: /etc/ssh/sshd_config:126 setting Subsystem sftp /usr/libexec/sftp-server


debug1: sshd version OpenSSH_7.1, OpenSSL 1.0.2g 1 Mar 2016


debug1: private host key #0: ssh-rsa SHA256:XXXXXXXXXXXXXXXXXXXXXXXtvkz2AWVxGD065gePcrwgk


debug1: private host key #1: ssh-dss SHA256:XXXXXXXXXXXXXXXXXXXXXXX21Yy3P+jgZdxlnWlPCQ8


debug1: private host key #2: ecdsa-sha2-nistp256 SHA256:XXXXXXXXXXXXXXXXXXXXXtCs3ZIhpDfB0bBPukcIdsc


debug1: private host key #3: ssh-ed25519 SHA256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXzJwAiPEnQSXzrTk


debug1: rexec_argv[0]='/usr/sbin/sshd'


debug1: rexec_argv[1]='-ddd'


debug3: oom_adjust_setup


debug1: Set /proc/self/oom_score_adj from 0 to -1000


debug2: fd 3 setting O_NONBLOCK


debug3: sock_set_v6only: set socket 3 IPV6_V6ONLY


debug1: Bind to port 22 on ::.


Server listening on :: port 22.


debug2: fd 4 setting O_NONBLOCK


debug1: Bind to port 22 on 0.0.0.0.


Server listening on 0.0.0.0 port 22.


debug3: fd 5 is not O_NONBLOCK


debug1: Server will not fork when running in debugging mode.


debug3: send_rexec_state: entering fd = 8 config len 244


debug3: ssh_msg_send: type 0


debug3: send_rexec_state: done


debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8


debug1: inetd sockets after dupping: 3, 3


Connection from 192.168.10.100 port 64175 on 192.168.10.202 port 22


debug1: Client protocol version 2.0; client software version OpenSSH_for_Windows_7.7


debug1: match: OpenSSH_for_Windows_7.7 pat OpenSSH* compat 0x04000000


debug1: Enabling compatibility mode for protocol 2.0


debug1: Local version string SSH-2.0-OpenSSH_7.1


debug2: fd 3 setting O_NONBLOCK


debug3: ssh_sandbox_init: preparing seccomp filter sandbox


debug2: Network child is on pid 25121


debug3: preauth child monitor started


debug3: privsep user:group 1000:1000 [preauth]


debug1: permanently_set_uid: 1000/1000 [preauth]


debug3: ssh_sandbox_child: setting PR_SET_NO_NEW_PRIVS [preauth]


debug3: ssh_sandbox_child: attaching seccomp filter program [preauth]


debug1: ssh_sandbox_child: prctl(PR_SET_SECCOMP): Invalid argument [preauth]


debug3: list_hostkey_types: ssh-dss key not permitted by HostkeyAlgorithms [preauth]


debug1: list_hostkey_types: ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]


debug1: SSH2_MSG_KEXINIT sent [preauth]


debug1: SSH2_MSG_KEXINIT received [preauth]


debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1 [preauth]


debug2: kex_parse_kexinit: ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]


debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com [preauth]


debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com [preauth]


debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]


debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]


debug2: kex_parse_kexinit: none,zlib@openssh.com [preauth]


debug2: kex_parse_kexinit: none,zlib@openssh.com [preauth]


debug2: kex_parse_kexinit: [preauth]


debug2: kex_parse_kexinit: [preauth]


debug2: first_kex_follows 0 [preauth]


debug2: reserved 0 [preauth]


debug2: kex_parse_kexinit: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c [preauth]


debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa [preauth]


debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com [preauth]


debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com [preauth]


debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]


debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]


debug2: kex_parse_kexinit: none [preauth]


debug2: kex_parse_kexinit: none [preauth]


debug2: kex_parse_kexinit: [preauth]


debug2: kex_parse_kexinit: [preauth]


debug2: first_kex_follows 0 [preauth]


debug2: reserved 0 [preauth]


debug1: kex: client->server chacha20-poly1305@openssh.com <implicit> none [preauth]


debug1: kex: server->client chacha20-poly1305@openssh.com <implicit> none [preauth]


debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]


debug3: mm_key_sign entering [preauth]


debug3: mm_request_send entering: type 6 [preauth]


debug3: mm_request_receive entering


debug3: monitor_read: checking request 6


debug3: mm_answer_sign


debug3: mm_answer_sign: hostkey proof signature 0x7868dac8(99)


debug3: mm_request_send entering: type 7


debug2: monitor_read: 6 used once, disabling now


debug3: mm_key_sign: waiting for MONITOR_ANS_SIGN [preauth]


debug3: mm_request_receive_expect entering: type 7 [preauth]


debug3: mm_request_receive entering [preauth]


debug2: set_newkeys: mode 1 [preauth]


debug1: SSH2_MSG_NEWKEYS sent [preauth]


debug1: expecting SSH2_MSG_NEWKEYS [preauth]


debug2: set_newkeys: mode 0 [preauth]


debug1: SSH2_MSG_NEWKEYS received [preauth]


debug1: KEX done [preauth]


debug1: userauth-request for user root service ssh-connection method none [preauth]


debug1: attempt 0 failures 0 [preauth]


debug3: mm_getpwnamallow entering [preauth]


debug3: mm_request_send entering: type 8 [preauth]


debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM [preauth]


debug3: mm_request_receive_expect entering: type 9 [preauth]


debug3: mm_request_receive entering [preauth]


debug3: mm_request_receive entering


debug3: monitor_read: checking request 8


debug3: mm_answer_pwnamallow


debug2: parse_server_config: config reprocess config len 244


debug3: auth_shadow_acctexpired: today 2 sp_expire -1 days left -3


debug3: account expiration disabled


debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1


debug3: mm_request_send entering: type 9


debug2: monitor_read: 8 used once, disabling now


debug2: input_userauth_request: setting up authctxt for root [preauth]


debug3: mm_inform_authserv entering [preauth]


debug3: mm_request_send entering: type 4 [preauth]


debug2: input_userauth_request: try method none [preauth]


debug3: userauth_finish: failure partial=0 next methods="publickey,password,keyboard-interactive" [preauth]


debug3: mm_request_receive entering


debug3: monitor_read: checking request 4


debug3: mm_answer_authserv: service=ssh-connection, style=


debug2: monitor_read: 4 used once, disabling now


debug1: userauth-request for user root service ssh-connection method publickey [preauth]


debug1: attempt 1 failures 0 [preauth]


debug2: input_userauth_request: try method publickey [preauth]


debug1: test whether pkalg/pkblob are acceptable [preauth]


debug3: mm_key_allowed entering [preauth]


debug3: mm_request_send entering: type 22 [preauth]


debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED [preauth]


debug3: mm_request_receive_expect entering: type 23 [preauth]


debug3: mm_request_receive entering [preauth]


debug3: mm_request_receive entering


debug3: monitor_read: checking request 22


debug3: mm_answer_keyallowed entering


debug3: mm_answer_keyallowed: key_from_blob: 0x7868d858


debug1: temporarily_use_uid: 0/0 (e=0/0)


debug1: trying public key file /home/root/.ssh/authorized_keys


debug1: Could not open authorized keys '/home/root/.ssh/authorized_keys': No such file or directory


debug1: restore_uid: 0/0


Failed publickey for root from 192.168.10.100 port 64175 ssh2: RSA SHA256:XXXXXXXXXXXXXXXXXXXXXwXzMcggx2QWBxvEEdpZR71Yo


debug3: mm_answer_keyallowed: key 0x7868d858 is not allowed


debug3: mm_request_send entering: type 23


debug2: userauth_pubkey: authenticated 0 pkalg ssh-rsa [preauth]


debug3: userauth_finish: failure partial=0 next methods="publickey,password,keyboard-interactive" [preauth]


debug1: userauth-request for user root service ssh-connection method keyboard-interactive [preauth]


debug1: attempt 2 failures 1 [preauth]


debug2: input_userauth_request: try method keyboard-interactive [preauth]


debug1: keyboard-interactive devs [preauth]


debug1: auth2_challenge: user=root devs= [preauth]


debug1: kbdint_alloc: devices '' [preauth]


debug2: auth2_challenge_start: devices [preauth]


debug3: userauth_finish: failure partial=0 next methods="publickey,password,keyboard-interactive" [preauth]


debug1: userauth-request for user root service ssh-connection method password [preauth]


debug1: attempt 3 failures 2 [preauth]


debug2: input_userauth_request: try method password [preauth]


debug3: mm_auth_password entering [preauth]


debug3: mm_request_send entering: type 12 [preauth]


debug3: mm_auth_password: waiting for MONITOR_ANS_AUTHPASSWORD [preauth]


debug3: mm_request_receive_expect entering: type 13 [preauth]


debug3: mm_request_receive entering [preauth]


debug3: mm_request_receive entering


debug3: monitor_read: checking request 12


debug3: auth_shadow_pwexpired: today 2 sp_lstchg 10933 sp_max 99999


debug3: mm_answer_authpassword: sending result 0


debug3: mm_request_send entering: type 13


Failed password for root from 192.168.10.100 port 64175 ssh2


debug1: Unable to open the btmp file /var/log/btmp: No such file or directory


debug3: mm_auth_password: user not authenticated [preauth]


debug3: userauth_finish: failure partial=0 next methods="publickey,password,keyboard-interactive" [preauth]




答案1:

从root中删除纯文本密码/etc/passwd,并在/etc/shadow文件中添加加密密码

首先从编辑/etc/passwd文件:


root:CD.Dnox5Dc2RQ:0:0:root:/home/root:/bin/sh



到:


root:x:0:0:root:/root:/bin/sh



然后使用openssl命令创建加密的密码:


admin@ubuntu:~$ openssl passwd -1 CD.Dnox5Dc2RQ


$1$A20/AqQt$zBfgwEGWNRLQsSk3bYV6V.



然后向/etc/shadow文件中添加条目:


root:$1$A20/AqQt$zBfgwEGWNRLQsSk3bYV6V.:18550:0:99999:7:::



从现在开始你可以使用root的密码SSH登录



log  roo  SSH  ROOT