On 24/05/2018 12:09, tech-lists wrote:
Hello list,
I'm trying to get (chrooted) sftp login working with public keys. I made
a sftp-only user which works fine, and is chrooted. I created a .ssh
directory with 770 perms (root:user) and put their public key in there
with 600 perms (user:user) however when trying pubkey auth it always
falls back to keyboard-interactive (which will succeed when the password
is applied). I don't know why in key exchange it says it sent a packet
then didn't. Can anyone help please?
Context is recent freebsd-11-stable, both client and server.
I have this in /etc/ssh/sshd_config:
Subsystem sftp internal-sftp
Match User testsftp
ChrootDirectory /usr/home/testsftp
PubkeyAuthentication yes
X11Forwarding no
AllowTcpForwarding no
AuthorizedKeysFile /usr/home/testsftp/.ssh/authorized_keys
ForceCommand internal-sftp
Solved this by setting perms on .ssh dir to be root:user 750 (and not
760 or 770) didn't see this documented anywhere so posting in the hope
this helps others.
--
J.
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[email protected]"
