SSH works as root but noone else

Sat, 11 Dec 1999 03:57:43 -0800 


I've got an internal server that should be able to ssh to all of my
machines passwordless.  This works:
---
30 deathstar /una/cgi-bin # ssh beta
No mail.
DISPLAY set to deathstar.macromedia.com:0.0
1 beta ~ # 
---

Now, there's a firewall in the way so beta can't ssh to deathstar.
Beta has an .shosts file in root's homedir with
'deathstar.macromedia.com root' in it, and
deathstar.macromedia.com's host key in ~root/.ssh/known_hosts

But when I try to do this for another user (root@deathstar ->
user@beta), despite having copied over the .shosts and
.ssh/known_hosts (and changed ownership), I get:
--
31 deathstar /una/cgi-bin # ssh beta -l someuser3 -v
SSH Version 1.2.27 [sparc-sun-solaris2.6], protocol version 1.5.
Standard version.  Does not use RSAREF.
deathstar: Reading configuration data /etc/ssh_config
deathstar: ssh_connect: getuid 0 geteuid 0 anon 0
deathstar: Connecting to beta [207.88.221.241] port 22.
deathstar: Allocated local port 1005.
deathstar: Connection established.
deathstar: Remote protocol version 1.5, remote software version
1.2.26
deathstar: Waiting for server public key.
deathstar: Received server public key (768 bits) and host key (1024
bits).
deathstar: Host 'beta' is known and matches the host key.
deathstar: Initializing random; seed file //.ssh/random_seed
deathstar: Encryption type: idea
deathstar: Sent encrypted session key.
deathstar: Installing crc compensation attack detector.
deathstar: Received encrypted confirmation.
deathstar: Trying rhosts or /etc/hosts.equiv with RSA host
authentication.
deathstar: Remote: Accepted by .shosts.
deathstar: Remote: Your host key cannot be verified: unknown or
invalid host key.
deathstar: Remote: The host name used to check the key was
'deathstar.macromedia.com'.
deathstar: Remote: Try logging back from the server machine with
the canonical host name using ssh, and then try again.
deathstar: Server refused our rhosts authentication or host key.
deathstar: No agent.
deathstar: Doing password authentication.
someuser3@beta's password: 
Permission denied.
32 deathstar /una/cgi-bin # 
---

What am I missing?

-roy

Reply via email to