原来是通过这样的方式避开这个问题。 明白了!现在没问题了! 谢谢dongsheng兄帮忙!非常感谢!
2010/7/6 Dongsheng Song <[email protected]> > 加上这个后,sftp 在执行 startx 之前就会退出。 > > > 2010/7/6 higeon <[email protected]> > >> 感谢dongsheng兄! >> 我在.bashrc最前面加上了 >> [ -z "$PS1" ] && return >> sftp就可以登录了! >> >> 但是还是想知道这问题和我加上的那个自动startx有什么关系。 >> 为什么注释掉那一段就可以登录呢? >> >> >> 2010/7/6 Dongsheng Song <[email protected]> >> >> 从日志看,是客户端不理解服务器的输出,才主动关闭的: >>> >>> >>> Jul 6 10:00:50 atom sshd[4045]: Received disconnect from 192.168.0.231: >>> 11: disconnected by user >>> >>> 你有没有试试我这个方法呢? >>> >>> >>> > 那么可以在 /root/.bashrc 开始增加: >>> > # If not running interactively, don't do anything >>> > [ -z "$PS1" ] && return >>> >>> >>> 2010/7/6 higeon <[email protected]> >>> >>> >>>> 应该跟sftp的版本没有关系。 >>>> 不管我用windows下的winscp还是用linux下的sftp,root都没法连上去。 >>>> 输入密码之后就得到Connection closed的信息。 >>>> 我觉得一定是和.bashrc中的自动startx那段有关系。注释掉之后就可以sftp登录。 >>>> 难道sftp用的是/dev/tty1? >>>> >>>> >> 在/root/.bashrc中添加了 >>>> >>>> >> # Auto start X >>>> >> if [ -z "$DISPLAY" ] && [ $(tty) = /dev/tty1 ]; then >>>> >> while true >>>> >> do >>>> >> startx >>>> >> done >>>> >> fi >>>> >>>> 下面是DEBUG模式下的auth.log输出。 >>>> >>>> Jul 6 10:00:43 atom sshd[4029]: debug1: Forked child 4045. >>>> Jul 6 10:00:43 atom sshd[4045]: debug1: rexec start in 5 out 5 newsock >>>> 5 pipe 7 sock 8 >>>> Jul 6 10:00:43 atom sshd[4045]: debug1: inetd sockets after dupping: 3, >>>> 3 >>>> Jul 6 10:00:43 atom sshd[4045]: Connection from 192.168.0.231 port >>>> 46875 >>>> Jul 6 10:00:43 atom sshd[4045]: debug1: Client protocol version 2.0; >>>> client software version OpenSSH_5.3p1 Debian-3ubuntu4 >>>> Jul 6 10:00:43 atom sshd[4045]: debug1: match: OpenSSH_5.3p1 >>>> Debian-3ubuntu4 pat OpenSSH* >>>> Jul 6 10:00:43 atom sshd[4045]: debug1: Enabling compatibility mode for >>>> protocol 2.0 >>>> Jul 6 10:00:43 atom sshd[4045]: debug1: Local version string >>>> SSH-2.0-OpenSSH_5.1p1 Debian-5 >>>> Jul 6 10:00:48 atom sshd[4045]: debug1: PAM: initializing for "root" >>>> Jul 6 10:00:48 atom sshd[4045]: debug1: PAM: setting PAM_RHOST to >>>> "192.168.0.231" >>>> Jul 6 10:00:48 atom sshd[4045]: debug1: PAM: setting PAM_TTY to "ssh" >>>> Jul 6 10:00:48 atom sshd[4045]: Failed none for root from 192.168.0.231 >>>> port 46875 ssh2 >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: PAM: password authentication >>>> accepted for root >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: do_pam_account: called >>>> Jul 6 10:00:50 atom sshd[4045]: Accepted password for root from >>>> 192.168.0.231 port 46875 ssh2 >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: monitor_child_preauth: root has >>>> been authenticated by privileged process >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: PAM: establishing credentials >>>> Jul 6 10:00:50 atom sshd[4045]: pam_unix(sshd:session): session opened >>>> for user root by (uid=0) >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: Entering interactive session >>>> for SSH2. >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: server_init_dispatch_20 >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: server_input_channel_open: >>>> ctype session rchan 0 win 2097152 max 32768 >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: input_session_request >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: channel 0: new [server-session] >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: session_new: session 0 >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: session_open: channel 0 >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: session_open: session 0: link >>>> with channel 0 >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: server_input_channel_open: >>>> confirm session >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: server_input_global_request: >>>> rtype [email protected] want_reply 0 >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: server_input_channel_req: >>>> channel 0 request env reply 0 >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: session_by_channel: session 0 >>>> channel 0 >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: session_input_channel_req: >>>> session 0 req env >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: server_input_channel_req: >>>> channel 0 request subsystem reply 1 >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: session_by_channel: session 0 >>>> channel 0 >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: session_input_channel_req: >>>> session 0 req subsystem >>>> Jul 6 10:00:50 atom sshd[4045]: subsystem request for sftp >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: subsystem: exec() >>>> /usr/lib/openssh/sftp-server >>>> Jul 6 10:00:50 atom sshd[4047]: debug1: SELinux support disabled >>>> Jul 6 10:00:50 atom sshd[4047]: debug1: PAM: reinitializing credentials >>>> Jul 6 10:00:50 atom sshd[4047]: debug1: permanently_set_uid: 0/0 >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: Received SIGCHLD. >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: session_by_pid: pid 4047 >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: session_exit_message: session 0 >>>> channel 0 pid 4047 >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: session_exit_message: release >>>> channel 0 >>>> Jul 6 10:00:50 atom sshd[4045]: Received disconnect from 192.168.0.231: >>>> 11: disconnected by user >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: do_cleanup >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: PAM: cleanup >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: PAM: deleting credentials >>>> Jul 6 10:00:50 atom sshd[4045]: debug1: PAM: closing session >>>> Jul 6 10:00:50 atom sshd[4045]: pam_unix(sshd:session): session closed >>>> for user root >>>> >>>> >>>> >>>> 2010/7/5 Dongsheng Song <[email protected]> >>>> >>>>> 改 LogLevel 为 VERBOSE 之后,也没有看到 sftp 的错误,看来需要改为 DEBUG。 >>>>> >>>>> 根据这里的信息,似乎是你的 sftp 客户端比较旧,不能理解非交互输出的内容。 >>>>> http://www.openssh.org/faq.html#2.9 >>>>> >>>>> 那么可以在 /root/.bashrc 开始增加: >>>>> >>>>> # If not running interactively, don't do anything >>>>> [ -z "$PS1" ] && return >>>>> >>>>> >>>>> >>>>> 2010/7/5 higeon <[email protected]> >>>>> >>>>>> 改LogLevel为VERBOSE 之后 >>>>>> 看到如下的log输出 >>>>>> >>>>>> Jul 5 17:57:09 atom sshd[3789]: Connection from 192.168.0.105 port >>>>>> 49681 >>>>>> Jul 5 17:57:09 atom sshd[3789]: Address 192.168.0.105 maps to >>>>>> atom.local, but this does not map back to the address - POSSIBLE >>>>>> BREAK-IN ATTEMPT! >>>>>> Jul 5 17:57:09 atom sshd[3789]: Failed none for root from >>>>>> 192.168.0.105 port 49681 ssh2 >>>>>> Jul 5 17:57:30 atom sshd[3789]: Accepted password for root from >>>>>> 192.168.0.105 port 49681 ssh2 >>>>>> Jul 5 17:57:30 atom sshd[3789]: pam_unix(sshd:session): session >>>>>> opened for user root by (uid=0) >>>>>> Jul 5 17:57:30 atom sshd[3789]: subsystem request for sftp >>>>>> Jul 5 17:57:30 atom sshd[3789]: Connection closed by 192.168.0.105 >>>>>> Jul 5 17:57:30 atom sshd[3789]: pam_unix(sshd:session): session >>>>>> closed for user root >>>>>> Jul 5 17:57:30 atom sshd[3789]: Transferred: sent 1960, received 1424 >>>>>> bytes >>>>>> Jul 5 17:57:30 atom sshd[3789]: Closing connection to 192.168.0.105 >>>>>> port 49681 >>>>>> >>>>>> >>>>>> 问题在哪? >>>>>> >>>>>> >>>>>> 2010/7/5 Dongsheng Song <[email protected]>: >>>>>> > 我用普通用户没有问题。 >>>>>> > 你修改 sshd 的日志级别,再登录 sftp,看看 sshd 的日志报告什么问题? >>>>>> > >>>>>> > Syslog Facility AUTH >>>>>> > LogLevel VERBOSE 或 DEBUG >>>>>> > >>>>>> > tail -f /var/log/auth.log >>>>>> > >>>>>> > 2010/7/5 higeon <[email protected]> >>>>>> >> >>>>>> >> 在debian 5.04 lenny下我按照下面的方法设定了root的自动登录和自动startx。 >>>>>> >> 后 来发现用root用户sftp登录登不进去。但是ssh却没问题。 >>>>>> >> 我发现只要去掉root用户的.bashrc中的自动startx设定,sftp就可以正常登录。 >>>>>> >> >>>>>> >> root自动登录和自动startx的设定如下: >>>>>> >> >>>>>> >> 修改/etc/inittab >>>>>> >> 把 >>>>>> >> 1:2345:respawn:/sbin/getty 38400 tty1 >>>>>> >> 修改为 >>>>>> >> 1:2345:respawn:/sbin/rungetty tty1 --autologin root >>>>>> >> >>>>>> >> 在/root/.bashrc中添加 >>>>>> >> # Auto start X >>>>>> >> if [ -z "$DISPLAY" ] && [ $(tty) = /dev/tty1 ]; then >>>>>> >> while true >>>>>> >> do >>>>>> >> startx >>>>>> >> done >>>>>> >> fi >>>>>> >> >>>>>> >> ※以上设定我参考了 >>>>>> >> http://forums.debian.net/viewtopic.php?t=29333 >>>>>> >> >>>>>> >> ※PermitRootLogin 设定为 yes,没有改过。 >>>>>> >> >>>>>> >> 谁能帮忙解决这个问题? >>>>>> >> >>>>>> >> 谢谢! >>>>>> > >>>>>> > >>>>>> >>>>> >>>>> >>>> >>> >> >
