On Mon, 2006-01-23 at 23:48 -0600, Les Mikesell wrote:
On Mon, 2006-01-23 at 23:38, Craig White wrote:
15556 16:54:59 stat64("/var/lib/nxserver/home/.ssh/authorized_keys2", 0xbfe2f4d0) = -1 ENOENT (No such file or directory) 15556 16:54:59 lstat64("/var/lib/nxserver/home/.ssh/authorized_keys2", 0xbfe2f3c0) = -1 ENOENT (No such file or directory)
Doesn't that file exist? Or is this really a SELinux access error?
yes it exists. No - not an SELinux error. Just the nonsense from a useless strace.
It's not nonsense. The system call told the app the file doesn't exist.
I think I know the issue.
I copied client.id_dsa.key to lin-workstation:/home/craig/.ssh/authorized_keys2 and still can't use Pubkey authentication as user nx - which tells me that the underlying system on the server isn't getting the value of the public key from /var/lib/nxserver/home/.ssh/
That's not surprising if it is failing to read the files there. Are they owned by user nx?
---- I've already posted the output. The files are there, they are readable by user nx - I've not mucked with any of the privileges of any of the files or subdirectories in the path. The permissions of everything seems fine.
This is a very clean install.
What I have discovered is this...
if I copy the file client.id_dsa.key to the client machine, and rename it - i.e. cp client.id_dsa.key ~/.ssh/id_dsa
and then on the server...
cp /var/lib/nxserver/home/.ssh/authorized_keys2 /var/lib/nxserver/home/.ssh/authorized_keys and chown nx /var/lib/nxserver/home/.ssh/authorized_keys
I can then login in from my client via ssh using pubkey (finally)
$ ssh nx@srv1.azapple.com HELLO NXSERVER - Version 1.4.0-44 OS (GPL) NX> 105 exit exit Exit NX> 999 Bye Connection to srv1.azapple.com closed.
I haven't translated this into a successful login from nxclient but I think this helps
Craig