>> I read the PAM manual page and still have not figured out what to change> >> in /etc/pam.d/sshd to get it working. >> >> Where do I get information on what the different libraries exactly do >> and do I need a special library to make SSH RSA work? >> Can anyone provide a sample configuration for sshd that work for >> password and RSA login? > > Public key login via OpenSSH doesn't go through PAM. If you've got it > enabled (check your sshd_config,) then you should see some messages in > your debug output that look something like this: > > debug1: userauth-request for user schmolli service ssh-connection method pu> blickey > debug1: attempt 1 failures 1 > debug2: input_userauth_request: try method publickey > debug1: test whether pkalg/pkblob are acceptable > debug1: temporarily_use_uid: 501/501 (e=0/0) > debug1: trying public key file /home/schmolli/.ssh/authorized_keys > debug1: restore_uid: 0/0 > debug1: temporarily_use_uid: 501/501 (e=0/0) > debug1: trying public key file /home/schmolli/.ssh/authorized_keys2 > debug1: restore_uid: 0/0 > debug2: userauth_pubkey: authenticated 0 pkalg ssh-dss Failed publickey for> schmolli from 127.0.0.1 port 4434 ssh2 > debug1: userauth-request for user schmolli service ssh-connection method pa> ssword > > If you have an OpenSSH client available, you may get something useful by > running it with -v -v -v. It'll at least tell you what the client is > trying to do. OpenSSH is very picky about the permissions on keys and authorized_key files. Did you verify that you are complying with the strict permission requirements? -- Mike _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
