Date: Thu, 02 Feb 2006 10:30:16 +1100 From: "david bryce" <davidbryce@fastmail.fm> To: freebsd-questions@freebsd.org Cc: Giorgos Keramidas <keramida@ceid.upatras.gr> Subject: SSH with Public Key Authentication (Was: Re: Attention: Giorgos Keramidas (Was: CVS Import Permissions)) Message-ID: <1138836616.370.253326484@webmail.messagingengine.com> In-Reply-To: <20060131094135.GA2042@flame.pc> References: <1138676399.30955.253148220@webmail.messagingengine.com> <20060131094135.GA2042@flame.pc>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 31 Jan 2006 11:41:35 +0200, "Giorgos Keramidas" <keramida@ceid.upatras.gr> said: > > Giorgos, > > > > Thanks very much for replying! I wasn't aware of this environment > > variable (even though I spent quite a while on this problem). Using > > CVSUMASK certainly works when working on the server machine! > > > > We are currently using a pserver installation, with developers using > > windows machines. We need a way to achieve the same effect with a user on > > a windows machine doing an import. Do you have any idea how this can be > > done? Thank you! > > I'm not sure. I know that the setting of CVSUMASK on the server machine > works if you use SSH tunneling though. If it's not too much trouble, you > can set up SSH-based authentication instead of :pserver: and make sure > the > .bashrc or .cshrc of the developers on the server machine sets CVSUMASK > correctly. > > SSH-tunneled CVS is what the FreeBSD project uses in the official CVS > repository, so I guess this setup works as expected :) Giorgos, Thanks again for taking the time to reply. I have tried using SSH in the past, and got stuck setting up the public key login (that's why we're using pserver). I spent a few hours yesterday trying to get SSH going again. I can login with SSH from the windows machine using Putty, but only when I use password authentication. In order to use cvs with ssh (using the plink program in Putty), we must use public key authentication. We are getting a 'Key Refused' error when trying to use public key authentication. I have tried doing several things including editing the /etc/ssh/sshd_config file: PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys We also had to make these changes in order to get password based ssh to work: UsePAM no PermitRootLogin yes We also tried putting the public key into various files: .ssh/authorized_keys .ssh/authorized_keys2 .ssh2/authorized_keys .ssh2/authorized_keys2 (and made sure they are not group/world writable. The keys are SSH2 DSA 1024 bits) I tried looking in the /var/log/auth.log file, and what I'm seeing is: Feb 2 10:19:26 mail1 sshd2[15343]: connection from "xxx.xx.xxx.x" Feb 2 10:19:26 mail1 sshd2[15344]: WARNING: DNS lookup failed for "xxx.xx.xxx.\ x". Feb 2 10:19:29 mail1 sshd2[15344]: Local disconnected: Connection closed. Feb 2 10:19:29 mail1 sshd2[15344]: connection lost: 'Connection closed.' (I set "LogLevel DEBUG3" in sshd_config. I don't think the DNS error is relevant, because password based ssh is working. But I could wrong. What do you think?) Do you have any idea where I can look to find out why the key is being refused? Are there any other logfiles other than auth.log that could give a clue to what's going wrong? Thanks! Regards, DB -- david bryce davidbryce@fastmail.fm -- http://www.fastmail.fm - A fast, anti-spam email service.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1138836616.370.253326484>