non-root keypair logins

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I am trying to help a friend with some keypair-based login problems,
and am a little stumped!

For quite some time, she had keypair-based logins working for a few
users, but at some point, it stopped functioning.  She says that it
probably happened after doing a system update, thus updating the
OpenSSH package.  All of the machines in question are running Fedora
Core 2, with OpenSSH 3.6.1p2.

Keypair-based logins *do* work for root, but not for any other user.
I've created test users and set up keypairs all day long, and it works
for *root* on the FC2 machines, but not for regular users.  It will,
however, work for regular users on her CentOS 4.3 machines.

Comparing the ssh_config and sshd_config files between machines with
the desired behavior and those without hasn't turned up anything that
would (to me) explain the difference - is there something obvious that
I should be lookin for?



Re: non-root keypair logins

Quoted text here. Click to load it

Set the permissions of the remote user's .ssh directory to 700.
Set the permissions of the remote user's .ssh/authorized_keys file to 600.
Set both the user's home directory permissions to 750.
Make sure that all above the files and directories are owned by the

If that doesn't work then you need to tell us exactly what error you get.

Also note that the best way to debug issues with sshd is to run the daemon
in debug mode, try to connect to it and read the error messages


Re: non-root keypair logins

  Richard Silverman

Site Timeline