From owner-freebsd-questions@FreeBSD.ORG  Thu Jan 18 22:44:58 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 8B3F316A416
	for <freebsd-questions@freebsd.org>;
	Thu, 18 Jan 2007 22:44:58 +0000 (UTC)
	(envelope-from news@nermal.rz1.convenimus.net)
Received: from mx1.netclusive.de (mx1.netclusive.de [89.110.132.131])
	by mx1.freebsd.org (Postfix) with ESMTP id 4D6BC13C442
	for <freebsd-questions@freebsd.org>;
	Thu, 18 Jan 2007 22:44:58 +0000 (UTC)
	(envelope-from news@nermal.rz1.convenimus.net)
Received: from nermal.rz1.convenimus.net (p3EE21983.dip0.t-ipconnect.de
	[62.226.25.131])
	by mx1.netclusive.de (Postfix) with ESMTP id B0182DE8257
	for <freebsd-questions@freebsd.org>;
	Thu, 18 Jan 2007 23:44:56 +0100 (CET)
Received: by nermal.rz1.convenimus.net (Postfix, from userid 8)
	id E2D4A15213; Thu, 18 Jan 2007 23:44:55 +0100 (CET)
To: freebsd-questions@freebsd.org
Path: not-for-mail
From: Christian Baer <christian.baer@uni-dortmund.de>
Newsgroups: gmane.os.freebsd.questions
Date: Thu, 18 Jan 2007 23:44:55 +0100 (CET)
Organization: Convenimus Projekt
Lines: 26
Message-ID: <eoot97$15r6$1@nermal.rz1.convenimus.net>
References: <eooa8o$14k0$2@nermal.rz1.convenimus.net>
	<ff4d9d1d0701180950l575ef870ra6eda309dfdd47fc@mail.gmail.com>
NNTP-Posting-Host: garfield.rz1.convenimus.net
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Trace: nermal.rz1.convenimus.net 1169160295 38758 192.168.100.11 (18 Jan
	2007 22:44:55 GMT)
X-Complaints-To: abuse@convenimus.net
NNTP-Posting-Date: Thu, 18 Jan 2007 22:44:55 +0000 (UTC)
User-Agent: slrn/0.9.8.1 (FreeBSD)
Subject: Re: ssh public key authentification
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Jan 2007 22:44:58 -0000

On Thu, 18 Jan 2007 11:50:52 -0600 Parker Anderson wrote:

> Have you verified the permissions of the authorized_keys file on the
> server?  If you have permissions set too loose (e.g. unneeded
> read/write permission to groups/other users), sshd may be refusing to
> trust that file.

The directory has mode 700 and the file hast 600. Restricting these any
further could result in a problem. :-)

> You may wish to give this a read (it mostly just covers those points):
> http://www.freebsddiary.org/ssh-authorized-keys.php

Ok, I did that. Now it works! :-)

The problem was not the authorized_keys file itself, it was my home
directory. This had mode 770, which seemed fine to me as it is owned
by christian:christian. Making it group-readable shouldn't pose a
security problem, as only I will be in this group. However, sshd didn't
see it that way, it seems. Now that I changed it to 750, all is 
fine. :-)

Thanks für your help!

Good night!
Chris