[Gllug] rssh with public key authentication?

John Edwards john at cornerstonelinux.co.uk
Wed Dec 8 13:02:42 UTC 2010


On Wed, Dec 08, 2010 at 12:53:39PM +0000, gvim wrote:
<snip> 
> It now seems to be a public key problem even with a normal bash login. Steps (CentOS 5.4):
> 
> - useradd <user>
> - cp -R ~<existing user>/.ssh   ~<new user>/
> - chown -R <new user>:<new user>  ~<new user>/.ssh
> - Append to AllowUser line in sshd_config:   <new user>@<my ip>

If you need to add "AllowUser" lines to allow a user to login then
you don't have a default Centos/RedHat SSH config. Compare with the
default config file to see what changes there are and if they might
interfere with key authentication.


> - service sshd restart
> 
> So now the new user account has the same .ssh/authorized_keys file as an existing user with a working login. However when I try to login all I get is:

Check the contents of the authorized_keys file. It can include
a lot of different restrictions on where logins are allowed from,
what commands can be run, environment, etc.

See 'man sshd' for more details on the options in authorized_keys.


> Permission denied (publickey)
> 
> /var/log/secure
> 
> ... says nothing other than "Connection closed by <my ip>"

And what does the SSH client say with the verbose flag enabled?


-- 
#---------------------------------------------------------#
|    John Edwards   Email: john at cornerstonelinux.co.uk    |
#---------------------------------------------------------#
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 204 bytes
Desc: Digital signature
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20101208/ae9f66d7/attachment.pgp>
-------------- next part --------------
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug


More information about the GLLUG mailing list