authorized_keys in /tmp/.ssh?
- From: "Clem Taylor" <clem.taylor@xxxxxxxxx>
- Date: Wed, 18 Oct 2006 14:36:35 -0400
I'm working on an embedded Linux system that has a read-only jffs2
root file system. /tmp is a tmpfs file system for files that need to
be writable. Anything that needs writable files is symlinked to /tmp.
The only way to connect to the machine is via openssh. Right now we
use a mixture of password and public key authorization and I'm trying
to remove the password based auth. As part of this change, I need to
create root's authorized_keys file at boot time. So now I have
/root/.ssh/authorized_keys symlinked to /tmp/.ssh/authorized_keys.
/tmp is 1777, but /tmp/.ssh is 0700. When I attempt to login using a
key that is in authorized_keys, I get "sshd: Authentication refused:
bad ownership or modes for directory /tmp". If I change the
permissions of /tmp to 1755, then sshd will allow the login, but this
causes problems for things not running as root that need to write to
It seems that sshd is finding the absolute path of the authorized_keys
file and then stating the first path entry. I'm not quite sure why it
is checking the top level directory and not the permissions of the
directory that contains the authorized_keys.
I'd rather avoid having to separate tmpfs filesystems, so is there an
easy way to work around this problem? I'm using OpenSSH_3.9p1 and