Tim Dunphy wrote, On 10/22/2010 03:30 PM: > hmm.. ok then gordon thanks for the input! how do these permissions grab ya? > > > [bluethundr@LCENT01 ~]$ ls -alh | grep .ssh > -rw------- 1 bluethundr summitnjops 70 Oct 17 14:04 .lesshst > drwx------ 2 bluethundr summitnjops 512 Oct 22 14:06 .ssh > > > [bluethundr@LCENT01 ~]$ ls -lah .ssh > total 34K > drwx------ 2 bluethundr summitnjops 512 Oct 22 14:06 . > drwx------ 106 bluethundr summitnjops 5.5K Oct 22 14:44 .. > -rw------- 1 bluethundr summitnjops 820 Oct 22 14:19 authorized_keys > -rw------- 1 bluethundr summitnjops 1.7K Oct 22 14:18 id_rsa > -rw-r--r-- 1 bluethundr summitnjops 403 Oct 22 14:18 id_rsa.pub > -rw-r--r-- 1 bluethundr summitnjops 20K Oct 22 14:47 known_hosts > [bluethundr@LCENT01 ~]$ > > An experiment for you... Assumptions: 1) NFS v3 2) on the NFS server the file system is named '/exportedfilesytem' 3) have root on both machines 4) on the NFS client the file system is mounted such that it contains bluethundr's home directory 5) root_squash is in play On the NFS server MYNFSFS=/exportedfilesytem grep $MYNFSFS /etc/exports grep $MYNFSFS /etc/exports | grep -v no_root_squash #if you get a line back then root on the client machine is being squashed. man exports #search down for root_squash On the NFS client (virt1) #### login as root #### cd ~bluethundr/.ssh/ #you may have just gotten an error. ls -lah ~bluethundr/.ssh/* #you may have just gotten an error. cat ~bluethundr/.ssh/authorized_keys #you _have_ just gotten an error, and this is the one that stops you IIRC. Suggestions: 1) Consider tightening up perms on id_rsa.pub & known_hosts 2) Open up the _read_ perms on authorized_keys 3a) IIRC you _may_ also have to open up the _read_ perms on ~/.ssh 3b) IIRC you _may_ also have to open up the exec perms on ~/.ssh If you have to do one of 3a or 3b, try each individually and only give as much as you have to. -- Todd Denniston Crane Division, Naval Surface Warfare Center (NSWC Crane) Harnessing the Power of Technology for the Warfighter _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos