On Wed, 2019-11-27 at 13:47 +0100, Jouk Jansen wrote: > Jakub Jelen wrote on 27-NOV-2019 13:20:25.09 > > > On Tue, 2019-11-26 at 13:27 +0100, Jouk Jansen wrote: > [snip] > > > Question : why does is work with just running "/usr/sbin/sshd" > > > but > > > not with > > > "systemctl start sshd" ? > > This sounds like an issue with selinux permissions on the > > authorizied > > keys file or path to it. Configure sshd to run in debug mode by > > setting > > LogLevel DEBUG3 in sshd_config, restart the service and retry. The > > logs > > will show up in journal and in /var/log/secure pointing the reason > > why > > your key was rejected. > > You are right. I switched selinux off (setenforce 0) and the problem > is > gone. I could not find an entry in the journalctl -e output (but > maybe I > overlooked (too many records)). Perhaps I should look in the selinux > logs, > but where do I find them?
Hello. I would start with sshd logs as I described above. The selinux denials are in /var/log/audit/audit.log but they sometimes do not give enough information what is wrong. Regards, -- Jakub Jelen Senior Software Engineer Security Technologies Red Hat, Inc. _______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
