Re: SSH / permissions problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/13/2010 10:49 AM, Gary Stainburn wrote:
> Hi folks,
> 
> This seems like de ja vu, but I can't find anything in the archives.
> 
> I've got F13 on my laptop, and also on a new virtual server.
> 
> I've copied my home directory from my old server to my new one and then tried 
> to ssh to the new server.  However, I have a problem
> 
> If I ssh to root on the new server everything is fine, but if I ssh to my user 
> I get errors and X forwarding doesn't work.
> 
> Can anyone suggest things for me to look at / try.
> 
> Gary
> 
> [gary@dcomp5 ~]$ ssh -Y -C lcomp3 -l root
> root@lcomp3's password: 
> Last login: Tue Jul 13 16:04:20 2010 from gary.ringways.co.uk
> [root@lcomp3 ~]# kcalc 
> [root@lcomp3 ~]# logout
> [gary@dcomp5 ~]$ ssh -Y -C lcomp3
> gary@lcomp3's password: 
> Last login: Tue Jul 13 15:55:16 2010 from gary.ringways.co.uk
> /usr/bin/xauth:  timeout in locking authority file /home/gary/.Xauthority
> [gary@lcomp3 ~]$ kcalc
> X11 connection rejected because of wrong authentication.
> kcalc: cannot connect to X server localhost:11.0
> [gary@lcomp3 ~]$ 
> 

If root works, but your local user does not, and you appear to have
gotten beyond the initial login sequence--it seemed to accept password
authentication in both cases--I would suspect something in one of your
~/.bash* files.  I've been burned, multiple times, having something in
my .bashrc or .bash_profile that does something "interactive",
forgetting an ssh shell is batch.

I have the same problem when I try to do things in a cron job when I
forget a cron job is also batch.

I have carefully separated my .bash_profile and .bashrc file into those
parts I always want done and those parts that are interactive.

I place a check in my .bashrc file to prevent interactive stuff being
done in a batch job.

# check for shell is not interactive
    [ -z "${PS1}" ] && return

As a "quick" test, could you save your .bash_profile and .bashrc files,
get the "default" files, and see if you can ssh in?  The default files
should be found /etc/skel/.bash_profile and /etc/skel/.bashrc

Also, I strongly recommend you disable ssh root login and have people
first log into their own account and then su to root.  To disable root
login, please look at /etc/ssh/sshd_config.
In this file, I have
PermitRootLogin no

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkw8swIACgkQyc8Kn0p/AZRgbACffvA3UUlqVw4ICErb/H7NfLk0
8AcAoKe0WgTDz7OwcDb6gPjjXvjNxJz8
=K3YZ
-----END PGP SIGNATURE-----
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux