Re: ssh question

Mon, 08 Sep 2003 10:57:20 -0700 

On Mon, 2003-09-08 at 11:50, Bob Hartung wrote:
> 
> Hi all.  A small problem - probably one of interpretation.  I am using 
> sshd on a firewalled inetrnal network to control a server.  Server name: 
> smbserver [machine to be accessed]
> Client user name on remote machine: minitwr  [machine from which access 
> to smbserver is made.
> 
> Now when I log onto smbserver via ssh I am doing so with the ' -l root' 
> suffix to log into the server as root.  I placed the key in 
> '/root/.ssh/authorized_keys' on smbserver but in
> '/home/mintwr/.ssh' on minitwr'
> 
> I am still asked for a login each time I connect.  Have I placed the 
> authentication files in the correct directories.  As far as the docs to 
> I believe I have.
> 

Bob 

assuming u put the public (id_[dr]sa.pub) in /root/.ssh/authorized_keys
and the private key is in /home/minitwr/.ssh and is named the default
(id_dsa ir id_rsa) then the issue is very likely to be one of
permissions on the server side.  sshd will not use a key in a file for
which the perms are to lax. I usually chmod 600 .ssh and .ssh/auth* on
the server side.


If that does not help you can run the client with -vv to get debug info
on the client but the perms thing on the server will only show up if you
run sshd  in debug mode or crank up the logging in sshd_config

service sshd stop
sshd -d[d][d]

more d's mean more output 

running sshd this way it will dump all the stuff to the terminal and
exit when the test session is ended.

to do it via the loglevel setting check out man sshd

LogLevel
       Gives the verbosity level that is used when logging messages from
       sshd.  The possible values are: QUIET, FATAL, ERROR, INFO, VER­
       BOSE, DEBUG, DEBUG1, DEBUG2 and DEBUG3.  The default is INFO.
       DEBUG and DEBUG1 are equivalent.  DEBUG2 and DEBUG3 each specify
       higher levels of debugging output.  Logging with a DEBUG level
       violates the privacy of users and is not recommended.


I forget what debug level shows the perms error but I would start with DEBUG2

Bret 


-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://www.redhat.com/mailman/listinfo/redhat-list

Reply via email to