给家里闲置的笔记本装了个ubuntu server扔在家里跑点小任务,设置了证书的ssh登陆,无意中重启的时候发现必须要先将本地的用户登陆后才能ssh远程登陆该用户,否则一直提醒publickey无效.以为是sshd服务没启动,排查后发现开机已经启动了sshd服务.查看/var/log/auth.log发现是登陆被down掉.设置tty自动登陆该用户也无解,必须先登陆该用户才行.WTF!!!!
几经周转,设置/usr/sbin/sshd -d再debug模式下跟踪发现/home/xxx/.ssh/authorized_key文件不存在.怪了,明明有的啊,难道是权限不正确?目录.ssh是700没错,authorized_key是600也没错啊.无意想起来装系统时询问我是否加密home的时候选择了加密,是不是加密的原因?选择root用户登陆后发现xxx用户没登陆的时候home目录内容全部为空,怪不得,原来如此,只有我登陆了后才能访问.ssh目录.原因找到后就好办了,果断卸载加密服务.
以下是ubuntu的帮助中心找到的方法:
To remove this setup:
Ensure that you have moved all relevant data out of your ~/Private directory
Unmount your encrypted private directory
ecryptfs-umount-private Make ~/Private writable again
chmod 700 ~/Private Remove ~/Private, ~/.Private, ~/.ecryptfs (Note: THIS IS VERY PERMANENT AND WILL DELETE ALL YOUR FILES, NOT JUST THE ENCRYPTED COPIES!)
rm -rf ~/Private ~/.Private ~/.ecryptfs Uninstall the utilities
sudo apt-get remove ecryptfs-utils libecryptfs0