Hi Brandon,
Have you checked the "bear" a/c home dir as Harry suggested. Check
".ssh/authorized_keys"
on bear's home dir.
If its not working try ssh with -v option to debug. It will show you from
which key it authenticates.
Regards
Pravesh Kumar
On Tue, May 14, 2013 at 10:08 PM, Lucas, Brandon <Brandon.Lucas@xxxxxxxxx>wrote:
> Hi all -
>
> I have a question about SSH that I can't seem to figure out. Here is the
> situation:
>
> 4 servers on RHEL 6.3
>
> One server has a local account ("teddy"). SSH key pairs have been set up
> between this "teddy" account and the other 3 servers on a different local
> account common to the other 3 servers ("bear"), but not present on the
> "teddy" server. These 3 servers do not have a "teddy" account.
>
> Now, I am able to ssh without password between the 3 "bear" servers using
> the "bear" account without a password. This behavior is undesired as it
> bypasses some key controls.
>
> I figure what must be happening here is that since the 3 "bear" servers
> have the same public key that points to the "teddy" server, they must be
> using that fourth server as some type of "witness" to verify the identity
> of the user making the ssh connection, bypassing the password for the
> "bear" account. I have disabled AgentForwarding on all 4 servers in
> question, as well as X11Forwarding. This has not helped.
>
> What is going on here and how do I avoid it?
>
> Brandon
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
