Re: CentOS 6.5 fresh install, public ssh keys cannot authenticate

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



I noticed that authorized keys had the group-write-bits set to 6.

I fixed it:

chmod 644 ~dan/.ssh/authorized_keys

Now I can authenticate via public-key.

Yay!
Thanks Stephen


On 5/9/14, Stephen Harris <lists@xxxxxxxxxx> wrote:
> On Fri, May 09, 2014 at 03:42:52PM -0700, Greg Bailey wrote:
>> I think you're missing:
>>
>> chmod 600 ~dan/.ssh/authorized_keys
>>
>> Without it, sshd won't use the authorized_keys file if it's readable by
>> other users.  (I think that's related to "StrictMode"; consult sshd man
>> page)
>
> No.  Public keys are public and are happy to be readable.
>
> What can _not_ be allowed is group/world writeable... ANYWHERE in the
> path.
>
> eg if ~dan is /home then
>   /  must be owned by root and permission 755
>   /home  must be owned by root and permission 755
>   /home/dan must be owned by dan and not be group/world writeable
>   /home/dan/.ssh must be owned by dan and not be group/world writeable
>   /home/dan/.ssh/authorized_keys must be owned by dan and
>        not be group/world writeable
>
> Also permissions of /etc /etc/ssh /etc/ssh/sshd_config and so on.
>
> --
>
> rgds
> Stephen
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
>
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux