kenh00000
6th August 2011, 12:44 AM
Hello,
I am having problems using ssh with key authentication into root. (Note that using keys to users other than root works fine. Heck using the SAME key to other users works fine!)
After some extensive troubleshooting, I have found that if I stop the service, and run sshd by hand everything works correctly.
Here is the problem, sshd is complaining that the permissions are incorrect in the logfile:
sshd[5640]: debug1: PAM: initializing for "root"
sshd[5641]: debug1: userauth-request for user root service ssh-connection method publickey
sshd[5641]: debug1: attempt 1 failures 0
sshd[5641]: debug1: test whether pkalg/pkblob are acceptable
sshd[5640]: debug1: PAM: setting PAM_RHOST to "mgmt"
sshd[5640]: debug1: PAM: setting PAM_TTY to "ssh"
sshd[5640]: debug1: temporarily_use_uid: 0/0 (e=0/0)
sshd[5640]: debug1: trying public key file /root/.ssh/authorized_keys
sshd[5640]: debug1: Could not open authorized keys '/root/.ssh/authorized_keys': Permission denied
:mad:
sshd[5640]: debug1: restore_uid: 0/0
sshd[5640]: debug1: temporarily_use_uid: 0/0 (e=0/0)
sshd[5640]: debug1: trying public key file /root/.ssh/authorized_keys2
sshd[5640]: debug1: Could not open authorized keys '/root/.ssh/authorized_keys2': No such file or directory
sshd[5640]: debug1: restore_uid: 0/0
sshd[5640]: Failed publickey for root from X port 51254 ssh2
sshd[5641]: Connection closed by X
sshd[5641]: debug1: do_cleanup
sshd[5640]: debug1: do_cleanup
sshd[5640]: debug1: PAM: cleanup
sshd[5640]: debug1: audit_event: unhandled event 12
My files are:
drwx------. 2 root root 4.0K Aug 1 11:30 .ssh
-rw-------. 1 root root 606 Jul 30 13:03 authorized_keys
The process:
root 5700 1 0 16:24 ? 00:00:00 /usr/sbin/sshd
Now we try the following:
service stop sshd
/usr/sbin/sshd
The process:
root 5733 1 0 16:27 ? 00:00:00 /usr/sbin/sshd
The debug:
sshd[5738]: debug1: PAM: initializing for "root"
sshd[5739]: debug1: userauth-request for user root service ssh-connection method publickey
sshd[5739]: debug1: attempt 1 failures 0
sshd[5739]: debug1: test whether pkalg/pkblob are acceptable
sshd[5738]: debug1: PAM: setting PAM_RHOST to "X"
sshd[5738]: debug1: PAM: setting PAM_TTY to "ssh"
sshd[5738]: debug1: temporarily_use_uid: 0/0 (e=0/0)
sshd[5738]: debug1: trying public key file /root/.ssh/authorized_keys
sshd[5738]: debug1: fd 4 clearing O_NONBLOCK
:blink:
sshd[5738]: debug1: matching key found: file /root/.ssh/authorized_keys, line 1
sshd[5738]: Found matching DSA key: b3:ee:36:bc:15:48:00:f7:f5:39:9e:60:9f:6c:0d:7a
sshd[5738]: debug1: restore_uid: 0/0
sshd[5739]: Postponed publickey for root from X port 58943 ssh2
sshd[5739]: debug1: userauth-request for user root service ssh-connection method publickey
sshd[5739]: debug1: attempt 2 failures 0
sshd[5738]: debug1: temporarily_use_uid: 0/0 (e=0/0)
sshd[5738]: debug1: trying public key file /root/.ssh/authorized_keys
sshd[5738]: debug1: fd 4 clearing O_NONBLOCK
sshd[5738]: debug1: matching key found: file /root/.ssh/authorized_keys, line 1
sshd[5738]: Found matching DSA key: b3:ee:36:bc:15:48:00:f7:f5:39:9e:60:9f:6c:0d:7a
sshd[5738]: debug1: restore_uid: 0/0
sshd[5738]: debug1: ssh_dss_verify: signature correct
sshd[5738]: debug1: do_pam_account: called
sshd[5738]: Accepted publickey for root from X port 58943 ssh2
sshd[5738]: debug1: monitor_child_preauth: root has been authenticated by privileged process
Linux name 2.6.38.8-35.fc15.x86_64 #1 SMP Wed Jul 6 13:58:54 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux
I am at a loss. ANY help would be appreciated!
I am having problems using ssh with key authentication into root. (Note that using keys to users other than root works fine. Heck using the SAME key to other users works fine!)
After some extensive troubleshooting, I have found that if I stop the service, and run sshd by hand everything works correctly.
Here is the problem, sshd is complaining that the permissions are incorrect in the logfile:
sshd[5640]: debug1: PAM: initializing for "root"
sshd[5641]: debug1: userauth-request for user root service ssh-connection method publickey
sshd[5641]: debug1: attempt 1 failures 0
sshd[5641]: debug1: test whether pkalg/pkblob are acceptable
sshd[5640]: debug1: PAM: setting PAM_RHOST to "mgmt"
sshd[5640]: debug1: PAM: setting PAM_TTY to "ssh"
sshd[5640]: debug1: temporarily_use_uid: 0/0 (e=0/0)
sshd[5640]: debug1: trying public key file /root/.ssh/authorized_keys
sshd[5640]: debug1: Could not open authorized keys '/root/.ssh/authorized_keys': Permission denied
:mad:
sshd[5640]: debug1: restore_uid: 0/0
sshd[5640]: debug1: temporarily_use_uid: 0/0 (e=0/0)
sshd[5640]: debug1: trying public key file /root/.ssh/authorized_keys2
sshd[5640]: debug1: Could not open authorized keys '/root/.ssh/authorized_keys2': No such file or directory
sshd[5640]: debug1: restore_uid: 0/0
sshd[5640]: Failed publickey for root from X port 51254 ssh2
sshd[5641]: Connection closed by X
sshd[5641]: debug1: do_cleanup
sshd[5640]: debug1: do_cleanup
sshd[5640]: debug1: PAM: cleanup
sshd[5640]: debug1: audit_event: unhandled event 12
My files are:
drwx------. 2 root root 4.0K Aug 1 11:30 .ssh
-rw-------. 1 root root 606 Jul 30 13:03 authorized_keys
The process:
root 5700 1 0 16:24 ? 00:00:00 /usr/sbin/sshd
Now we try the following:
service stop sshd
/usr/sbin/sshd
The process:
root 5733 1 0 16:27 ? 00:00:00 /usr/sbin/sshd
The debug:
sshd[5738]: debug1: PAM: initializing for "root"
sshd[5739]: debug1: userauth-request for user root service ssh-connection method publickey
sshd[5739]: debug1: attempt 1 failures 0
sshd[5739]: debug1: test whether pkalg/pkblob are acceptable
sshd[5738]: debug1: PAM: setting PAM_RHOST to "X"
sshd[5738]: debug1: PAM: setting PAM_TTY to "ssh"
sshd[5738]: debug1: temporarily_use_uid: 0/0 (e=0/0)
sshd[5738]: debug1: trying public key file /root/.ssh/authorized_keys
sshd[5738]: debug1: fd 4 clearing O_NONBLOCK
:blink:
sshd[5738]: debug1: matching key found: file /root/.ssh/authorized_keys, line 1
sshd[5738]: Found matching DSA key: b3:ee:36:bc:15:48:00:f7:f5:39:9e:60:9f:6c:0d:7a
sshd[5738]: debug1: restore_uid: 0/0
sshd[5739]: Postponed publickey for root from X port 58943 ssh2
sshd[5739]: debug1: userauth-request for user root service ssh-connection method publickey
sshd[5739]: debug1: attempt 2 failures 0
sshd[5738]: debug1: temporarily_use_uid: 0/0 (e=0/0)
sshd[5738]: debug1: trying public key file /root/.ssh/authorized_keys
sshd[5738]: debug1: fd 4 clearing O_NONBLOCK
sshd[5738]: debug1: matching key found: file /root/.ssh/authorized_keys, line 1
sshd[5738]: Found matching DSA key: b3:ee:36:bc:15:48:00:f7:f5:39:9e:60:9f:6c:0d:7a
sshd[5738]: debug1: restore_uid: 0/0
sshd[5738]: debug1: ssh_dss_verify: signature correct
sshd[5738]: debug1: do_pam_account: called
sshd[5738]: Accepted publickey for root from X port 58943 ssh2
sshd[5738]: debug1: monitor_child_preauth: root has been authenticated by privileged process
Linux name 2.6.38.8-35.fc15.x86_64 #1 SMP Wed Jul 6 13:58:54 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux
I am at a loss. ANY help would be appreciated!
