Date: Sat, 14 Sep 2019 16:21:51 +0100 From: Matthew Seaman <matthew@FreeBSD.org> To: freebsd-questions@freebsd.org Subject: Re: OT: My ssh authorized_keys doesn't work with nfs/nis Message-ID: <d29f8f92-3301-62b6-cb7c-f053c92e79d7@FreeBSD.org> In-Reply-To: <CAGBxaXn5u196cK_iSjMXLjvEBZe-bDjsJmYMjDspc-dOBJc=AQ@mail.gmail.com> References: <CAGBxaXkVQNE6deyWs9JXh9vqmKz8tLc9HfqC8ZmBLrK2jv7p3A@mail.gmail.com> <5bd0de7e-cf45-36bc-f428-2db37e76b5b9@optusnet.com.au> <CAGBxaXn5u196cK_iSjMXLjvEBZe-bDjsJmYMjDspc-dOBJc=AQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --3gxKIVDUGf0fuKZnFuXe5WZEPTnyS4KDY Content-Type: multipart/mixed; boundary="5lbZqJjw5Jnm8ubFruLsaImrqwo0wKrxX"; protected-headers="v1" From: Matthew Seaman <matthew@FreeBSD.org> To: freebsd-questions@freebsd.org Message-ID: <d29f8f92-3301-62b6-cb7c-f053c92e79d7@FreeBSD.org> Subject: Re: OT: My ssh authorized_keys doesn't work with nfs/nis References: <CAGBxaXkVQNE6deyWs9JXh9vqmKz8tLc9HfqC8ZmBLrK2jv7p3A@mail.gmail.com> <5bd0de7e-cf45-36bc-f428-2db37e76b5b9@optusnet.com.au> <CAGBxaXn5u196cK_iSjMXLjvEBZe-bDjsJmYMjDspc-dOBJc=AQ@mail.gmail.com> In-Reply-To: <CAGBxaXn5u196cK_iSjMXLjvEBZe-bDjsJmYMjDspc-dOBJc=AQ@mail.gmail.com> --5lbZqJjw5Jnm8ubFruLsaImrqwo0wKrxX Content-Type: text/plain; charset=utf-8 Content-Language: en-GB Content-Transfer-Encoding: quoted-printable On 14/09/2019 13:36, Aryeh Friedman wrote: > On Sat, Sep 14, 2019 at 8:21 AM MJ <mjose00@optusnet.com.au> wrote: >=20 >> >> On 14/09/2019 5:39 pm, Aryeh Friedman wrote: >>> My ~/.ssh/authorized_keys files works fine on a machine that is not i= n my >>> NIS domain but when I copy my id_rsa.pub (which is what I did to crea= te >> the >>> non-NIS authorized_keys) to my NIS account and give it the same >> permissions >>> as the working machine it insists on asking for a password. >>> >>> ssh faraway (non-NIS machine) >>> does not ask for a password >>> but >>> ssh nearby (NIS machine) does >> >> Try ssh -vvv. See if that informs you more. >> > One the first things I tried (I spent hours on the before posting): It is frequently more enlightening to turn on debugging on the server side. You can often spin up sshd on a high-numbered port for testing: /usr/bin/sshd -d -d -d -p 2222 This will not daemonize and will only handle one connection attempt. Run that in one window, and then attempt to ssh into the host from anothe= r: ssh -p hostname Cheers, Matthew --5lbZqJjw5Jnm8ubFruLsaImrqwo0wKrxX-- --3gxKIVDUGf0fuKZnFuXe5WZEPTnyS4KDY Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEGfFU7L8RLlBUTj8wAFE/EOCp5OcFAl19BY9fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDE5 RjE1NEVDQkYxMTJFNTA1NDRFM0YzMDAwNTEzRjEwRTBBOUU0RTcACgkQAFE/EOCp 5Of12RAAkyBkNb34NqOcDZk8+ayn/L8RHD8+5b9fBVaHxAHElconcQulsSpBJRjZ PNASuzNydtparMHZvp4usrMx8zuonmeKBcKKTclQh+kWOwZjhEhNgtfP29HWBsw0 FniQUNXQ/4grRLbG6lvkm3AAwYQShrGS2n1w11VAtNWqvTszZWOlWW3JjaDIX+kD IaGuk1p4Q5r+x2AiicX3QxayDms0cI1JzSdCCnxIFupjQM90MnLq85NyrtEnmINq 9kK/MtKlB/wQ/sIcamAjLVdEBQVskAeMmtOHZyrStCwm5qjBXCv36Hjm2DEj6V79 MR/3a+jPkOo4tP/wYi4qwJTrrqBDfJbkL2gRE9LYmxJNoNK2+My1gjVB5D5OerqL qR8tSi4abgtNoNyxc6BbxzxeGRAC39oL8fU2WvwXPCUfb++oGBVpnXoXc/vUxiaC eJVbApe+zxxz/tCBw4rhLDPQc+aD6xF6MX6MHwgGzyodnsSvQ3ABYYVsYnpdmFny dhRwConiAN9XqBYNCZpZ7AWkdWprvVl9DFKMbbH9O6afARmTfekaAWDYicM5ECjQ 0AxKSusGq4ih239FGTEYNOBP2Dpn8z+3zoOeYjMIJdeCGm0YQH+LBmOkimm+xj19 4qaoHUbOGD26zYpW5gmGaYA3NmO3R7ftJ288nH0j3HD5Y1QeFhA= =4LVq -----END PGP SIGNATURE----- --3gxKIVDUGf0fuKZnFuXe5WZEPTnyS4KDY--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d29f8f92-3301-62b6-cb7c-f053c92e79d7>