解决 Xshell 无法使用 root 账户远程登录 Linux 的问题

文章目录

  • 问题描述
  • 问题原因
  • 解决办法

笔者出问题时的运行环境:

  • Red Hat Enterprise Linux 9.2 x86_64

  • Xshell 7

问题描述

笔者在新安装的 Red Hat Enterprise Linux 中发现一个问题。在 RHEL 安装完之后,无法在 Xshell 中使用 root 账户远程登录此 Linux,但用其它账户登录然后切换到 root 账户就不会有问题。

Xshell 登录失败时的报错信息如下。

解决 Xshell 无法使用 root 账户远程登录 Linux 的问题_第1张图片

问题原因

原来这是因为笔者在安装 RHEL 时忘记开启允许以 root 账户远程登录的功能,从而导致安装之后无法以 root 账户登录。

解决 Xshell 无法使用 root 账户远程登录 Linux 的问题_第2张图片

解决办法

Linux 既然已经安装了,那就没办法回到过去去纠正前面的错误。幸好 Linux 提供了另一种方法来补救。

  1. 输入如下命令切换到 root 账户,因为后续的操作需要 root 权限。

    su root

  2. 输入如下命令编辑文件 /etc/ssh/sshd_config

    vim /etc/ssh/sshd_config

    对于 RHEL,该文件的原始内容如下:

    #	$OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $
    
    # This is the sshd server system-wide configuration file.  See
    # sshd_config(5) for more information.
    
    # This sshd was compiled with PATH=/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin
    
    # The strategy used for options in the default sshd_config shipped with
    # OpenSSH is to specify options with their default value where
    # possible, but leave them commented.  Uncommented options override the
    # default value.
    
    # To modify the system-wide sshd configuration, create a  *.conf  file under
    #  /etc/ssh/sshd_config.d/  which will be automatically included below
    Include /etc/ssh/sshd_config.d/*.conf
    
    # If you want to change the port on a SELinux system, you have to tell
    # SELinux about this change.
    # semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
    #
    #Port 22
    #AddressFamily any
    #ListenAddress 0.0.0.0
    #ListenAddress ::
    
    #HostKey /etc/ssh/ssh_host_rsa_key
    #HostKey /etc/ssh/ssh_host_ecdsa_key
    #HostKey /etc/ssh/ssh_host_ed25519_key
    
    # Ciphers and keying
    #RekeyLimit default none
    
    # Logging
    #SyslogFacility AUTH
    #LogLevel INFO
    
    # Authentication:
    
    #LoginGraceTime 2m
    #PermitRootLogin prohibit-password
    #StrictModes yes
    #MaxAuthTries 6
    #MaxSessions 10
    
    #PubkeyAuthentication yes
    
    # The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
    # but this is overridden so installations will only check .ssh/authorized_keys
    AuthorizedKeysFile	.ssh/authorized_keys
    
    #AuthorizedPrincipalsFile none
    
    #AuthorizedKeysCommand none
    #AuthorizedKeysCommandUser nobody
    
    # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
    #HostbasedAuthentication no
    # Change to yes if you don't trust ~/.ssh/known_hosts for
    # HostbasedAuthentication
    #IgnoreUserKnownHosts no
    # Don't read the user's ~/.rhosts and ~/.shosts files
    #IgnoreRhosts yes
    
    # To disable tunneled clear text passwords, change to no here!
    #PasswordAuthentication yes
    #PermitEmptyPasswords no
    
    # Change to no to disable s/key passwords
    #KbdInteractiveAuthentication yes
    
    # Kerberos options
    #KerberosAuthentication no
    #KerberosOrLocalPasswd yes
    #KerberosTicketCleanup yes
    #KerberosGetAFSToken no
    #KerberosUseKuserok yes
    
    # GSSAPI options
    #GSSAPIAuthentication no
    #GSSAPICleanupCredentials yes
    #GSSAPIStrictAcceptorCheck yes
    #GSSAPIKeyExchange no
    #GSSAPIEnablek5users no
    
    # Set this to 'yes' to enable PAM authentication, account processing,
    # and session processing. If this is enabled, PAM authentication will
    # be allowed through the KbdInteractiveAuthentication and
    # PasswordAuthentication.  Depending on your PAM configuration,
    # PAM authentication via KbdInteractiveAuthentication may bypass
    # the setting of "PermitRootLogin without-password".
    # If you just want the PAM account and session checks to run without
    # PAM authentication, then enable this but set PasswordAuthentication
    # and KbdInteractiveAuthentication to 'no'.
    # WARNING: 'UsePAM no' is not supported in RHEL and may cause several
    # problems.
    #UsePAM no
    
    #AllowAgentForwarding yes
    #AllowTcpForwarding yes
    #GatewayPorts no
    #X11Forwarding no
    #X11DisplayOffset 10
    #X11UseLocalhost yes
    #PermitTTY yes
    #PrintMotd yes
    #PrintLastLog yes
    #TCPKeepAlive yes
    #PermitUserEnvironment no
    #Compression delayed
    #ClientAliveInterval 0
    #ClientAliveCountMax 3
    #UseDNS no
    #PidFile /var/run/sshd.pid
    #MaxStartups 10:30:100
    #PermitTunnel no
    #ChrootDirectory none
    #VersionAddendum none
    
    # no default banner path
    #Banner none
    
    # override default of no subsystems
    Subsystem	sftp	/usr/libexec/openssh/sftp-server
    
    # Example of overriding settings on a per-user basis
    #Match User anoncvs
    #	X11Forwarding no
    #	AllowTcpForwarding no
    #	PermitTTY no
    #	ForceCommand cvs server
    
    
  3. 将该文件的 #PermitRootLogin prohibit-password 那行改为 PermitRootLogin yes,然后保存该文件。如下图所示。

    解决 Xshell 无法使用 root 账户远程登录 Linux 的问题_第3张图片

  4. 输入如下命令重启 sshd。

    systemctl restart sshd.service

    或者输入如下命令直接重启 Linux。

    reboot

  5. 现在应该就可以在 Xshell 中使用 root 账户远程登录 RHEL 了。

你可能感兴趣的:(疑难杂症,计网/计操,linux,服务器,运维,远程登录,xshell)