Awesome, thanks for sharing in advance. We did get the key to work finally... it was a permissions issue! Thanks all!!!
-----Original Message----- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Kirk Wolf Sent: Thursday, March 02, 2017 10:01 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: RACF and public keys FYI, we will be presenting a SHARE session next week on this subject: *Finding the Needle in a Haystack - Diagnosing Common OpenSSH Problems* - Room: Blossom Hill I,II - Session Number: 20125 Thursday, March 09, 2017: 10:00 AM - 11:00 AM http://events.share.org/Winter2017/Public/SessionDetails.aspx?FromPage=Sessions.aspx&SessionID=1900&SessionDateID=20 For this particular issue (file permissions), see slide 45 of the presentation Kirk Wolf Dovetailed Technologies http://dovetail.com On Wed, Mar 1, 2017 at 2:29 PM, Paul Gilmartin < 0000000433f07816-dmarc-requ...@listserv.ua.edu> wrote: > On Wed, 1 Mar 2017 13:00:08 -0700, Jack J. Woehr wrote: > > >Mark Post wrote: > >> If you don't mind them accessing your system in this way (I have > >> severe > doubts about that), just put the key as-is into the target userid's > .ssh/authorized_keys file and have them give it a try. > > > >And make sure the dir .ssh is chmod 700 and the authorized_keys file > >is > chmod 600 or it won't work. > > > I believe .ssh chmod 711 works and I find it convenient for co-workers > to add me to their public_keys file. But I keep my authorized_keys > file 600 rather than 644 -- no need to support browsing. > > and (grand*)parent directories must not be writeable by anyone except > owner. > > -- gil > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, send > email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
