Zach, thanks for the tip - now I see that ssh under sudo is using /root/.ssh for it's keys...
sudo allows for the setting of environment variables on the command line. So Which environment variable does ssh use to determine where it looks for it's keys? I assumed it would be HOME, but under sudo HOME is set to the home directory of the user executing sudo not root's home. Thanks, Morgan. On 18/02/09 07:25, Zach wrote: > Try ssh -vvv -t [.....] > > On Mon, Feb 16, 2009 at 8:39 PM, Morgan Read <[email protected]> wrote: > >> My head hurts! >> >> Can anyone help me with what follows - it shows ssh working with pki >> auth in all the permutations I thought might be possible, but lastly >> this command prompts for a password: >> # ssh -t [email protected] sudo rsync -avzAXHn --delete-after >> [email protected]:/etc /media/bigdisk/morgansmachine/etc >> ... >> Permission denied (publickey,gssapi-with-mic,password). >> >> >> [r...@morgansoldmachine /]# ssh [email protected] >> Last login: Sun Feb 15 20:29:39 2009 from morgansoldmachine.lan >> [rs...@morgansmachine ~]$ logout >> Connection to 192.168.1.40 closed. >> >> [r...@morgansoldmachine /]# ssh rs...@morgansmachine >> Last login: Sun Feb 15 20:31:04 2009 from morgansoldmachine.lan >> [rs...@morgansmachine ~]$ logout >> Connection to morgansmachine closed. >> >> [r...@morgansoldmachine /]# ssh [email protected] >> Last login: Sun Feb 15 20:31:18 2009 from morgansoldmachine.lan >> [rs...@morgansmachine ~]$ logout >> Connection to morgansmachine.lan closed. >> >> [r...@morgansoldmachine /]# ssh [email protected] >> Last login: Sun Feb 15 20:31:48 2009 from morgansoldmachine.lan >> >> [rs...@morgansmachine ~]$ ssh [email protected] >> Last login: Sun Feb 15 20:10:52 2009 from morgansmachine.lan >> [r...@morgansoldmachine ~]# logout >> Connection to 192.168.1.100 closed. >> >> [rs...@morgansmachine ~]$ ssh r...@morgansoldmachine >> Last login: Sun Feb 15 20:32:25 2009 from morgansmachine.lan >> [r...@morgansoldmachine ~]# logout >> Connection to morgansoldmachine closed. >> >> [rs...@morgansmachine ~]$ ssh [email protected] >> Last login: Sun Feb 15 20:32:44 2009 from morgansmachine.lan >> [r...@morgansoldmachine ~]# logout >> Connection to morgansoldmachine.lan closed. >> >> [rs...@morgansmachine ~]$ logout >> Connection to 192.168.1.40 closed. >> >> [r...@morgansoldmachine /]# ssh -t [email protected] sudo rsync >> -avzAXHn --delete-after [email protected]:/etc >> /media/bigdisk/morgansmachine/etc >> [email protected]'s password: >> Permission denied, please try again. >> [email protected]'s password: >> Permission denied, please try again. >> [email protected]'s password: >> Permission denied (publickey,gssapi-with-mic,password). >> rsync: connection unexpectedly closed (0 bytes received so far) [receiver] >> rsync error: error in rsync protocol data stream (code 12) at io.c(600) >> [receiver=3.0.5] >> Connection to 192.168.1.40 closed. >> [r...@morgansoldmachine /]# >> >> >> Thanks, >> Morgan. >> -- >> Getting errors: "There are problems with the signature" (or similar)? >> Update your system by installing certificates from CAcert Inc, see here: >> >> http://wiki.cacert.org/wiki/BrowserClients?#head-259758ec5ba51c5205cfb179cf60e0b54d9e378b >> Or, if Internet Explorer is your default browser, simply click this link: >> http://www.cacert.org/index.php?id=17 >> >> Morgan Read >> NEW ZEALAND >> <mailto:mstuffATreadDOTorgDOTnz> >> >> fedora + freedom; fact || fiction? >> http://fedoraproject.org/wiki/Overview >> get freed-ora! >> http://www.fsfla.org/svnwiki/selibre/linux-libre/freed-ora >> >> > -- Getting errors: "There are problems with the signature" (or similar)? Update your system by installing certificates from CAcert Inc, see here: http://wiki.cacert.org/wiki/BrowserClients?#head-259758ec5ba51c5205cfb179cf60e0b54d9e378b Or, if Internet Explorer is your default browser, simply click this link: http://www.cacert.org/index.php?id=17 Morgan Read NEW ZEALAND <mailto:mstuffATreadDOTorgDOTnz> fedora + freedom; fact || fiction? http://fedoraproject.org/wiki/Overview get freed-ora! http://www.fsfla.org/svnwiki/selibre/linux-libre/freed-ora
smime.p7s
Description: S/MIME Cryptographic Signature
