[CentOS] ssh prompting for password

Wed Nov 17 02:12:17 UTC 2010
Kwan Lowe <kwan.lowe at gmail.com>

On Tue, Nov 16, 2010 at 4:05 PM, bluethundr <bluethundr at gmail.com> wrote:

>
> So therefore my RSA key should already be in my authorized_keys on any
> host. However logging into the virtual network, I always get prompted
> for a password. just for the heck of it, I scp'd the key over again to
> one of the virtual hosts:
>
[snip]
> Considering that this key is internal network only and doesn't have a
> passphrase set (it does not traverse internet boundaries) why on earth
> am I being prompted for a password whenever I ssh into this machine?

I've seen this before in NFS mounted home directories..and had to
think about it before I realized what was happening.

When you first attempt to login, sshd is running as root. It needs to
look at your NFS mounted home directory (which is often set for no
root squash) to get the public key.  But because it is no root squash,
and the perms on your pubkey are probably 700, even root can't read
the key.  You can verify by logging in as root to the machine and
trying to cat out the users public key.  Most likely you cannot so the
sshd cannot validate the key.