Re: ssh sudo howto? or which home directory? [Was: Re: password prompt, but pki auth working!?...]



On Sun, Mar 08, 2009 at 11:20:09PM +1300, Morgan Read wrote:
On 03/03/09 02:21, Greg Wooledge wrote:
where original_real_uid is set somewhere earlier in ssh.c. I won't
try to track it down any further (especially since I'm looking at
out-of-date sources), but it sure looks like it's evaluating the
home directory based on the current uid or euid, rather than the
contents of $HOME.

It appears none of the environment variables has any impact on where ssh
looks for its keys.

I think that's what Greg just told you. :)

But I have to ask, if the rsync user's keys are the ones you're trying
to use, and the remote root user has those keys in its authorized_keys
file, why are you bothering with the sudo? If it's because you need
root permissions for the local end of the process, then it seems like
the right thing to do is use root's keys, or have the sudo process
load the rsync user's keys by specifying the identity on the ssh
command line. (It's also possible to play games with ssh-agent, but I
won't go there.) If you specify the key to use outright, there's no
confusion about which key will be tried...

--
Derek D. Martin
http://www.pizzashack.org/
GPG Key ID: 0x81CFE75D
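
Added example (not part of the original message): a shell check for the situation discussed above, where ssh run under sudo looks for its default keys in the passwd home of the uid it runs as rather than in $HOME, plus the explicit-identity form suggested in the reply. The helper names, the uids, the /home/rsync path and the key file name are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: all names, paths and uids here are illustrative assumptions.

# Home directory recorded for a uid in a passwd-format file.
# This mirrors a lookup by uid (as getpwuid does); $HOME is never consulted.
home_for_uid() {
    awk -F: -v uid="$1" '$3 == uid { print $6; exit }' "${2:-/etc/passwd}"
}

# Compare the uid-derived home with the value of $HOME.
# Args: uid, value of $HOME, optional passwd file.
# Returns 0 on match, 1 on mismatch, 2 if the uid has no passwd entry.
check_identity_dir() {
    pw_home=$(home_for_uid "$1" "${3:-/etc/passwd}")
    if [ -z "$pw_home" ]; then
        echo "unknown uid $1"
        return 2
    fi
    if [ "$pw_home" = "$2" ]; then
        echo "match $pw_home/.ssh"
        return 0
    fi
    # Default identities are looked up under the uid's home, so keys
    # sitting under $HOME/.ssh are never offered.
    echo "mismatch ssh=$pw_home/.ssh env=$2/.ssh"
    return 1
}

# Remote-shell string for rsync -e that names one key outright.
# IdentitiesOnly=yes stops ssh from also trying agent or default keys.
pinned_ssh() {
    printf 'ssh -i %s -o IdentitiesOnly=yes' "$1"
}

# Typical use (hypothetical host and paths):
#   check_identity_dir "$(id -u)" "$HOME"
#   sudo rsync -a -e "$(pinned_ssh /home/rsync/.ssh/id_key)" /src/ root@remotehost:/dst/
```

A mismatch under sudo means the key has to be named explicitly, as above, or root's own keys used instead.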
