I noticed that authorized keys had the group-write-bits set to 6.
I fixed it:
chmod 644 ~dan/.ssh/authorized_keys
Now I can authenticate via public-key.
Yay! Thanks Stephen
On 5/9/14, Stephen Harris lists@spuddy.org wrote:
On Fri, May 09, 2014 at 03:42:52PM -0700, Greg Bailey wrote:
I think you're missing:
chmod 600 ~dan/.ssh/authorized_keys
Without it, sshd won't use the authorized_keys file if it's readable by other users. (I think that's related to "StrictMode"; consult sshd man page)
No. Public keys are public and are happy to be readable.
What can _not_ be allowed is group/world writeable... ANYWHERE in the path.
eg if ~dan is /home then / must be owned by root and permission 755 /home must be owned by root and permission 755 /home/dan must be owned by dan and not be group/world writeable /home/dan/.ssh must be owned by dan and not be group/world writeable /home/dan/.ssh/authorized_keys must be owned by dan and not be group/world writeable
Also permissions of /etc /etc/ssh /etc/ssh/sshd_config and so on.
--
rgds Stephen _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos