Ubuntu
在用巴士底“硬化”後,scp 權限被拒絕
我最近使用Bastille “強化”了兩台 Ubuntu 伺服器,現在我得到*了權限被拒絕:*每當我嘗試 scp 文件時,我都獲得了權限。
- SSH 登錄工作正常。
- 我嘗試添加具有 777 權限的*/scp-dump*文件夾,但仍然出現相同的錯誤,所以我不認為這是權限問題。
- 拖尾*/var/log/auth.log*並沒有真正提供任何資訊,除了
Oct 1 23:08:39 localhost sshd[20876]: Accepted publickey for some-user from [redacted ip] port 49250 ssh2 Oct 1 23:08:40 localhost sshd[20884]: Received disconnect from [redacted ip]: 11: disconnected by user
- 將*-v*標誌與 scp 一起使用會輸出以下內容:
Executing: program /usr/bin/ssh host some-domain.com, user (unspecified), command scp -v -t -- /scpdump OpenSSH_5.9p1, OpenSSL 0.9.8r 8 Feb 2011 debug1: Reading configuration data /Users/some-user/.ssh/config debug1: Reading configuration data /etc/ssh_config debug1: /etc/ssh_config line 20: Applying options for * debug1: Connecting to some-domain.com [12.34.56.78] port 22. debug1: Connection established. debug1: identity file /Users/some-user/.ssh/id_rsa type 1 debug1: identity file /Users/some-user/.ssh/id_rsa-cert type -1 debug1: identity file /Users/some-user/.ssh/id_dsa type -1 debug1: identity file /Users/some-user/.ssh/id_dsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1 debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.9 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Server host key: RSA 8e:83:21:4a:9c:be:57:56:b1:07:5a:14:68:8a:47:dc debug1: Host 'some-domain.com' is known and matches the RSA host key. debug1: Found key in /Users/some-user/.ssh/known_hosts:17 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password debug1: Next authentication method: publickey debug1: Offering RSA public key: /Users/some-user/.ssh/id_rsa debug1: Server accepts key: pkalg ssh-rsa blen 277 debug1: read PEM private key done: type RSA debug1: Authentication succeeded (publickey). Authenticated to some-domain.com ([12.34.56.78]:22). debug1: channel 0: new [client-session] debug1: Requesting no-more-sessions@openssh.com debug1: Entering interactive session. debug1: Sending environment. debug1: Sending env LANG = en_US.UTF-8 debug1: Sending env LC_CTYPE = C debug1: Sending env LC_MESSAGES = en_AU.utf-8 debug1: Sending env LC_TIME = en_AU.utf-8 debug1: Sending env LC_MONETARY = en_AU.utf-8 debug1: Sending env LC_NUMERIC = en_AU.utf-8 debug1: Sending env LC_COLLATE = en_AU.utf-8 debug1: Sending command: scp -v -t -- /scpdump zsh:1: permission denied: scp debug1: client_input_channel_req: channel 0 rtype exit-status reply 0 debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0 debug1: channel 0: free: client-session, nchannels 1 debug1: fd 0 clearing O_NONBLOCK debug1: fd 1 clearing O_NONBLOCK Transferred: sent 2880, received 2504 bytes, in 0.6 seconds Bytes per second: sent 4563.7, received 3967.9 debug1: Exit status 126 lost connection知道被拒絕的權限可能來自哪裡、我可以查看的配置文件或我應該查看的其他日誌嗎?
zsh:1: permission denied: scp看起來它不允許scp在遠端端執行;檢查那裡的權限。您是否嘗試過scp在該機器上執行以從其他地方提取文件(相對於推送)?