Re: SSH key authentication - can only login as root



Brian wrote:
Tomasz Chmielewski wrote:
Greg Wooledge wrote:
On Wed, Sep 06, 2006 at 12:10:48PM +0200, Tomasz Chmielewski wrote:
I have a problem with logging in using keys (on Debian).
Sep 6 11:56:13 thecus sshd[18730]: debug1: trying public key file
/home/checkuser/.ssh/authorized_keys
Sep 6 11:56:13 thecus sshd[18730]: debug1: restore_uid: 0/0
Sep 6 11:56:13 thecus sshd[18730]: debug1: temporarily_use_uid:
1001/1001 (e=0/0)
Sep 6 11:56:13 thecus sshd[18730]: debug1: trying public key file
/home/checkuser/.ssh/authorized_keys2
ls -ld / /home /home/checkuser /home/checkuser/.ssh
ls -ld /home/checkuser/.ssh/authorized_keys*

I bet one or more of these directories/files has group write permission
on it.
Nope, all directories/files, starting from /home/checkuser, have only
user permissions.

Stupid me! :)

/home/checkuser/.ssh had only r+w permissions, no +x, so the user with UID!=0 couldn't even look into that directory, not to say open the key... (where root had no problems).

And I did so many configuration and pam changes, tests etc.!

Partly, I could blame OpenSSH: if the permissions are too excessive, it will report it in logs.
If it has too little permissions, it will erroneously say that the key is invalid...

Thanks all for help, I should have pasted "ls -ld /home/..." here; but I learned a bit about OpenSSH, too.

--
Tomasz Chmielewski
http://wpkg.org