[Gllug] rssh with public key authentication?
John Edwards
john at cornerstonelinux.co.uk
Wed Dec 8 13:02:42 UTC 2010
On Wed, Dec 08, 2010 at 12:53:39PM +0000, gvim wrote:
<snip>
> It now seems to be a public key problem even with a normal bash login. Steps (CentOS 5.4):
>
> - useradd <user>
> - cp -R ~<existing user>/.ssh ~<new user>/
> - chown -R <new user>:<new user> ~<new user>/.ssh
> - Append to AllowUser line in sshd_config: <new user>@<my ip>
If you need to add "AllowUser" lines to allow a user to login then
you don't have a default Centos/RedHat SSH config. Compare with the
default config file to see what changes there are and if they might
interfere with key authentication.
> - service sshd restart
>
> So now the new user account has the same .ssh/authorized_keys file as an existing user with a working login. However when I try to login all I get is:
Check the contents of the authorized_keys file. It can include
a lot of different restrictions on where logins are allowed from,
what commands can be run, environment, etc.
See 'man sshd' for more details on the options in authorized_keys.
> Permission denied (publickey)
>
> /var/log/secure
>
> ... says nothing other than "Connection closed by <my ip>"
And what does the SSH client say with the verbose flag enabled?
--
#---------------------------------------------------------#
| John Edwards Email: john at cornerstonelinux.co.uk |
#---------------------------------------------------------#
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 204 bytes
Desc: Digital signature
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20101208/ae9f66d7/attachment.pgp>
-------------- next part --------------
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list