On Mon, 2003-09-08 at 11:50, Bob Hartung wrote: > > Hi all. A small problem - probably one of interpretation. I am using > sshd on a firewalled inetrnal network to control a server. Server name: > smbserver [machine to be accessed] > Client user name on remote machine: minitwr [machine from which access > to smbserver is made. > > Now when I log onto smbserver via ssh I am doing so with the ' -l root' > suffix to log into the server as root. I placed the key in > '/root/.ssh/authorized_keys' on smbserver but in > '/home/mintwr/.ssh' on minitwr' > > I am still asked for a login each time I connect. Have I placed the > authentication files in the correct directories. As far as the docs to > I believe I have. >
Bob assuming u put the public (id_[dr]sa.pub) in /root/.ssh/authorized_keys and the private key is in /home/minitwr/.ssh and is named the default (id_dsa ir id_rsa) then the issue is very likely to be one of permissions on the server side. sshd will not use a key in a file for which the perms are to lax. I usually chmod 600 .ssh and .ssh/auth* on the server side. If that does not help you can run the client with -vv to get debug info on the client but the perms thing on the server will only show up if you run sshd in debug mode or crank up the logging in sshd_config service sshd stop sshd -d[d][d] more d's mean more output running sshd this way it will dump all the stuff to the terminal and exit when the test session is ended. to do it via the loglevel setting check out man sshd LogLevel Gives the verbosity level that is used when logging messages from sshd. The possible values are: QUIET, FATAL, ERROR, INFO, VER BOSE, DEBUG, DEBUG1, DEBUG2 and DEBUG3. The default is INFO. DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher levels of debugging output. Logging with a DEBUG level violates the privacy of users and is not recommended. I forget what debug level shows the perms error but I would start with DEBUG2 Bret -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list