Tim Dunphy wrote, On 10/22/2010 03:30 PM:
hmm.. ok then gordon thanks for the input! how do these permissions grab ya?
[bluethundr@LCENT01 ~]$ ls -alh | grep .ssh -rw------- 1 bluethundr summitnjops 70 Oct 17 14:04 .lesshst drwx------ 2 bluethundr summitnjops 512 Oct 22 14:06 .ssh
[bluethundr@LCENT01 ~]$ ls -lah .ssh total 34K drwx------ 2 bluethundr summitnjops 512 Oct 22 14:06 . drwx------ 106 bluethundr summitnjops 5.5K Oct 22 14:44 .. -rw------- 1 bluethundr summitnjops 820 Oct 22 14:19 authorized_keys -rw------- 1 bluethundr summitnjops 1.7K Oct 22 14:18 id_rsa -rw-r--r-- 1 bluethundr summitnjops 403 Oct 22 14:18 id_rsa.pub -rw-r--r-- 1 bluethundr summitnjops 20K Oct 22 14:47 known_hosts [bluethundr@LCENT01 ~]$
An experiment for you...
Assumptions: 1) NFS v3 2) on the NFS server the file system is named '/exportedfilesytem' 3) have root on both machines 4) on the NFS client the file system is mounted such that it contains bluethundr's home directory 5) root_squash is in play
On the NFS server MYNFSFS=/exportedfilesytem grep $MYNFSFS /etc/exports grep $MYNFSFS /etc/exports | grep -v no_root_squash #if you get a line back then root on the client machine is being squashed. man exports #search down for root_squash
On the NFS client (virt1) #### login as root #### cd ~bluethundr/.ssh/ #you may have just gotten an error. ls -lah ~bluethundr/.ssh/* #you may have just gotten an error. cat ~bluethundr/.ssh/authorized_keys #you _have_ just gotten an error, and this is the one that stops you IIRC.
Suggestions: 1) Consider tightening up perms on id_rsa.pub & known_hosts 2) Open up the _read_ perms on authorized_keys 3a) IIRC you _may_ also have to open up the _read_ perms on ~/.ssh 3b) IIRC you _may_ also have to open up the exec perms on ~/.ssh If you have to do one of 3a or 3b, try each individually and only give as much as you have to.