Sam Varshavchik wrote on 26-NOV-2019 14:09:36.69 >Jouk Jansen writes: > >> Hi All, >> >> I'm trying to setup an ssh-server on F31 which logs a user in without a >> password, but with a key-exchange. I generated all the keys and placed them >> in the right locations. It still asks for the password. >> >> Than comes the strange : I stoped the service by "systemctl stop sshd" and >> did run "as root" /usr/sbin/sshd. And than it just worked. (tried to stop >> and start with systemctl again made the passwordless login fail again) >> >> Question : why does is work with just running "/usr/sbin/sshd" but not with >> "systemctl start sshd" ? > >Perhaps the actual command and set up, from sshd.service, will offer a clue: > >EnvironmentFile=-/etc/crypto-policies/back-ends/opensshserver.config >EnvironmentFile=-/etc/sysconfig/sshd-permitrootlogin >EnvironmentFile=-/etc/sysconfig/sshd >ExecStart=/usr/sbin/sshd -D $OPTIONS $CRYPTO_POLICY $PERMITROOTLOGIN > >That's what systemctl start sshd does. /etc/crypto-policies/back-ends/opensshserver.config is the default file of the system. /etc/sysconfig/sshd-permitrootlogin does not exists (and we do not try to logon as root anyway. /etc/sysconfig/sshd : In this file the CRYPTO_POLICY= line is uncommented to allow for more cyphers. (I try to connect from a machine with not the newest cyphers (yes I know the risk)) It used to work on a F30 system, which crashed and is now fresh installed with F31. Can it be that I have to add more cyphers to the /etc/ssh/sshd_conf files? (the public key from the client machine starts with : ssh-rsa) Regards Jouk Pax, vel iniusta, utilior est quam iustissimum bellum. (free after Marcus Tullius Cicero (106 b.Chr.-46 b.Chr.) Epistularum ad Atticum 7.1.4.3) Touch not the cat bot a glove >------------------------------------------------------------------------------< Jouk Jansen joukj@xxxxxxxxxxxxxxxxxxxx Technische Universiteit Delft tttttttttt uu uu ddddddd Kavli Institute of Nanoscience tttttttttt uu uu dd dd Nationaal centrum voor HREM tt uu uu dd dd Lorentzweg 1 tt uu uu dd dd 2628 CJ Delft tt uu uu dd dd Nederland tt uu uu dd dd tel. 31-15-2782272 tt uuuuuuu ddddddd >------------------------------------------------------------------------------< _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx