由于业务需要,我按照 这篇文章 的提示设置了一个无 shell 权限的用户,但是却连接不上。
启用 -v 选项后有如下输出
debug1: Authentication succeeded (password).
Authenticated to xx.xx.xx.xx ([xx.xx.xx.xx]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: network
debug1: channel 0: free: client-session, nchannels 1
debug1: fd 0 clearing O_NONBLOCK
Connection to xx.xx.xx.xx closed by remote host.
Transferred: sent 2444, received 1804 bytes, in 0.0 seconds
Bytes per second: sent 13890079.9, received 10252743.1
debug1: Exit status -1
Couldn’t read packet: Connection reset by peer
很苦恼,谷歌了很久后终于发现了两篇文章:https://unix.stackexchange.com/questions/274995/sftp-ssh-couldnt-read-packet-connection-reset-by-peer、https://ubuntuforums.org/showthread.php?t=1482005。
主要意思是说,在 /etc/ssh/sshd_config 里设置的 ChrootDirectory 的所有者必须是 root,而且该目录的组和其他用户不能有写权限。