Women in Technology

Hear us Roar



Subject:   SSH Problem with Instructions
Date:   2002-05-10 21:12:37
From:   bdharring
Response to: SSH Problem with Instructions

After a frustrating (hugely) night, I have finally cracked it on my setup... this is a stupid error but you cannot have world permissions set on at least the authorized_keys* files, and possibly on the local ./ssh/identity|rsa|dsa pubkeys.
easy way to test this- on the intended system to log into, add to sshd_conf file the option StrictMode no .
if this fixes it (try both ssh -1 and ssh -2 in case you have either protocol setup screwed up), then you should only have to remove the world readable permission.
Good luck with it... I'm still struggling with it, but this at least got it to work for protocol 1.
Full Threads Oldest First

Showing messages 1 through 1 of 1.

  • SSH Problem with Instructions
    2003-05-12 12:13:49  anonymous2 [View]

    FROM HOME WHILE LOGGED IN AS MYSELF 'craig', I GENERATE SOME KEY PAIR:

    ssh-keygen -t dsa

    THEN I BECOME ROOT AND COPY MY KEYS TO MY ROOT ACCOUNT ALSO

    su -
    cd /var/root/.ssh
    cp ~craig/.ssh/id* .

    THEN I TRY MY PORT FORWARDING TO WORK MAIL SERVER, I CHANGED THE HOST NAME

    sudo ssh -2 -L 25:localhost:25 craig@work.example.com

    THE RESULT:
    surprisingly it no longer requires me to enter my root password for PORT FORWARDING on a PRIVILEDGED PORT.

    is this a security violoation.
    it always asked me for my root password prior to even trying to do port forwarding.

    -craig