hmmm, I found the problem and managed to fix it, but I am not sure if this
isn't broken:
using gdb, I found that sshd fails to stat the 'authorized_keys' files,
which was in /local/home/janjust/.ssh/authorized_keys. Here were the
permissions for the directories and files leading to that file:
drwxr-sr-x 11 root root 4096 Mar 20 15:57 /local
drwxr-s--- 3 root users 4096 Jan 18 11:24 /local/home
drwxr-sr-x 27 janjust users 4096 Apr 4 13:34 /local/home/janjust
drwx------ 2 janjust users 4096 Apr 4 13:12
/local/home/janjust/.ssh
-rw------- 1 janjust users 1357 Jan 16 10:39
/local/home/janjust/.ssh/authorized_keys
the error that stat() returned is 'Permission denied'. After changing the
permissions to
drwxr-sr-x 11 root root 4096 Mar 20 15:57 /local
drwxr-sr-x 3 root users 4096 Jan 18 11:24 /local/home
drwxr-sr-x 27 janjust users 4096 Apr 4 13:59 /local/home/janjust
drwx------ 2 janjust users 4096 Apr 4 13:12
/local/home/janjust/.ssh
-rw------- 1 janjust users 1357 Jan 16 10:39
/local/home/janjust/.ssh/authorized_keys
(i.e. I changed the permissions on /local/home !) everything is working
fine. That's bizar, and I wonder where this is broken - not in OpenSSH
probably, more likely somewhere in glibc...
comments, any one?
TIA,
JJK / Jan Just Keijser
Cisco Systems International BV
Jan Just Keijser wrote:
> I've got a very peculiar problem: I have a single Linux box (kernel
> 2.2.17-14, glibc-2.1.3-22) running OpenSSH 2.5.2p2 that is refusing RSA
> authentication no matter what I try:
>
> the server responds ('sshd -d -d -d', replaced the IP/hostname with
> junk) with
> debug1: Starting up PAM with username "janjust"
> debug1: Trying to reverse map address 666.666.666.666.
> debug1: PAM setting rhost to "whatever"
> debug1: Attempting authentication for janjust.
> Failed rsa for janjust from 666.666.666.666 port 4756
