Bug#633526: [vserver] Bug#633526: vserver kernel breaks ssh public_key authentication on NFS
On Tue, Jul 12, 2011 at 04:27:55AM +0100, Ben Hutchings wrote: > Does anyone understand this problem or have an idea of how to > investigate it? we now understand the problem, and it was fixed for 3.0.4 with the following patch: http://vserver.13thfloor.at/ExperimentalT/delta-nfs-fix02.diff I'll try to provide similar patches for older kernels in the following days ... best, Herbert > Ben. > Forwarded Message > From: Harald Dunkel > Reply-to: Harald Dunkel , 633...@bugs.debian.org > To: sub...@bugs.debian.org > Subject: Bug#633526: vserver kernel breaks ssh public_key authentication on > NFS > Date: Mon, 11 Jul 2011 09:19:24 +0200 > Package: linux-image-2.6-vserver-amd64 > Version: 2.6.32+29 > If I use the vserver kernel on a remote host, then I > cannot login via ssh and public_key authentication. AFAICS > the access rights to my authorized_keys file get corrupted. > Before I try to login it shows on the remote host: > # ls -l /home/hdunkel/.ssh/authorized_keys > -rw--- 1 hdunkel users 1406 Jun 15 14:34 authorized_keys > When I try to login I am asked for a password (although > authorized_keys is set correctly). After this attempt I > see on the remote host: > # ls -al /home/hdunkel/.ssh/authorized_keys > -rw--- 1 4294967294 4294967294 1406 Jun 15 14:34 authorized_keys > "sshd -d" shows that sshd doesn't like this. > Using the regular Squeeze kernel without vserver patch > there is no such problem. > /home is mounted via NFS: > # cat /proc/mounts | grep /home > nfs-home:/space/home /home nfs4 > rw,relatime,vers=4,rsize=1048576,wsize=1048576,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=172.19.96.103,minorversion=0,addr=172.19.96.215 > 0 0 > The NFS server runs Squeeze, too. > Regards > Harri -- To UNSUBSCRIBE, email to debian-kernel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110930001047.gk8...@mail.13thfloor.at
Bug#633526: [vserver] Bug#633526: vserver kernel breaks ssh public_key authentication on NFS
On Tue, Jul 12, 2011 at 04:27:55AM +0100, Ben Hutchings wrote: > Does anyone understand this problem or have an idea of how to > investigate it? I do not really understand the problem (yet) here are some questions: - NFS server is Linux-VServer patched? (yes, no) if so then: + NFS server has NFS tagging enabled? (yes, no) + filesystem exported is tagged? (yes, no) if so then: * what tagging and what filesystem is used? - NFS client is Linux-VServer patched? (yes, no) + if so then NFS client has NFS tagging enabled? (yes, no) thanks in advance, Herbert > Ben. > Forwarded Message > From: Harald Dunkel > Reply-to: Harald Dunkel , 633...@bugs.debian.org > To: sub...@bugs.debian.org > Subject: Bug#633526: vserver kernel breaks ssh public_key authentication on > NFS > Date: Mon, 11 Jul 2011 09:19:24 +0200 > > Package: linux-image-2.6-vserver-amd64 > Version: 2.6.32+29 > > > If I use the vserver kernel on a remote host, then I > cannot login via ssh and public_key authentication. AFAICS > the access rights to my authorized_keys file get corrupted. > > Before I try to login it shows on the remote host: > > # ls -l /home/hdunkel/.ssh/authorized_keys > -rw--- 1 hdunkel users 1406 Jun 15 14:34 authorized_keys > > > When I try to login I am asked for a password (although > authorized_keys is set correctly). After this attempt I > see on the remote host: > > # ls -al /home/hdunkel/.ssh/authorized_keys > -rw--- 1 4294967294 4294967294 1406 Jun 15 14:34 authorized_keys > > "sshd -d" shows that sshd doesn't like this. > > Using the regular Squeeze kernel without vserver patch > there is no such problem. > > /home is mounted via NFS: > > # cat /proc/mounts | grep /home > nfs-home:/space/home /home nfs4 > rw,relatime,vers=4,rsize=1048576,wsize=1048576,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=172.19.96.103,minorversion=0,addr=172.19.96.215 > 0 0 > > The NFS server runs Squeeze, too. > > > Regards > > Harri > > > -- To UNSUBSCRIBE, email to debian-kernel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110712210453.ga11...@mail.13thfloor.at
Bug#633526: [vserver] Bug#633526: vserver kernel breaks ssh public_key authentication on NFS
On Tue, Jul 12, 2011 at 11:04:53PM +0200, Herbert Poetzl wrote: > On Tue, Jul 12, 2011 at 04:27:55AM +0100, Ben Hutchings wrote: > > Does anyone understand this problem or have an idea of how to > > investigate it? > > I do not really understand the problem (yet) here are some > questions: > > - NFS server is Linux-VServer patched? (yes, no) >if so then: >+ NFS server has NFS tagging enabled? (yes, no) >+ filesystem exported is tagged? (yes, no) > if so then: > * what tagging and what filesystem is used? > > - NFS client is Linux-VServer patched? (yes, no) > + if so then NFS client has NFS tagging enabled? (yes, no) Harald, did you see the followup questions? Cheers, Moritz -- To UNSUBSCRIBE, email to debian-kernel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110730100202.GA5902@pisco.westfalen.local
