From owner-freebsd-questions Tue Aug 20 6:37:45 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A846D37B400 for ; Tue, 20 Aug 2002 06:37:42 -0700 (PDT) Received: from smtp.infracaninophile.co.uk (happy-idiot-talk.infracaninophile.co.uk [81.2.69.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7078643E3B for ; Tue, 20 Aug 2002 06:37:41 -0700 (PDT) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk ([IPv6:::1]) by smtp.infracaninophile.co.uk (8.12.5/8.12.5) with ESMTP id g7KDbZQI016414; Tue, 20 Aug 2002 14:37:35 +0100 (BST) (envelope-from matthew@happy-idiot-talk.infracaninophile.co.uk) Received: (from matthew@localhost) by happy-idiot-talk.infracaninophile.co.uk (8.12.5/8.12.5/Submit) id g7KDbTfu016413; Tue, 20 Aug 2002 14:37:29 +0100 (BST) Date: Tue, 20 Aug 2002 14:37:29 +0100 From: Matthew Seaman To: Byron Schlemmer Cc: FreeBSD-Questions Subject: Re: Strange SSH publickey behaviour Message-ID: <20020820133729.GD16083@happy-idiot-talk.infracaninophi> References: <20020820111308.S1572-100000@pan.ehsbrann.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020820111308.S1572-100000@pan.ehsbrann.com> User-Agent: Mutt/1.5.1i Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Tue, Aug 20, 2002 at 11:27:16AM +0100, Byron Schlemmer wrote: > I am using OpenSSH (OpenSSH_3.4p1) with protocol version 2 with > publickey authentication. I am able to use my private key > ($HOME/.ssh/id_dsa) to connect to a number of machines on my network > using key based authentication without problems, except to one > particular machine. For the life of me I can't figure out why. If I > create a new key set for my existing user and copy this new public key > over to this box I'm still unable to login with keybased auth. However > if I create a new user account on both the client and server, generate a > key and copy this accross I'm able to login just fine. > > I'm beginning to think this machine just does not like me anymore. Check the permissions of your home directory, the ~/.ssh directory and all the files within it on the troublesome machine. Strip off any group or world write permissions. Also, if your home dir on that box is NFS mounted without root access, make sure that the world can read any files containing *public* key data. OpenSSH will ignore an authorized_keys file if it perceives that someone other than the file's owner or root can modify it, which includes playing tricks moving directories around higher up the directory heirarchy. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way Tel: +44 1628 476614 Marlow Fax: +44 0870 0522645 Bucks., SL7 1TH UK To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message