OpenSolaris Solaris Forum  
     

Left Nav FAQ Members List Default Password Members List Linux Commands Search Today's Posts Mark Forums Read Right Nav

Left Container Right Container
 

Go Back   OpenSolaris Solaris Forum Solaris Networking

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 03-16-2012, 07:45 PM
Junior Member
 
Join Date: Mar 2012
Location: NH, USA
Posts: 2
Default SSH Publickey fails for some user accounts

Problem platform: SunOS xxxxxx 5.11 oi_151a i86pc i386 i86pc

I've configured publickey auth for my personal account and can move between multiple servers with no password prompt. I've created an utility account that will be moving files and launching rsync tranfers and attempted pulbickey auth but that account always reverts to password authentication.

I'm assuming that there is a difference in how the accounts were created, but the only onethat I can find is that mine has role=root. When I assigned that role to the utility account it made no difference so I removed the role.

Steps used in setting up publickey auth:
# ssh-keygen -t rsa -N ""
# cp id_rsa.pub authorized_keys
# chmod 600 authorized_keys
# scp .ssh/* OtherServer:~/.ssh

I understand that the account on each server should have its own key with all the key concatenated in authoriized_keys, but there will be dozens of servers involved and the method described is working on my user account and has been successfully applied in other data centers.

tia
Reply With Quote
Sponsored Links

  #2 (permalink)  
Old 03-19-2012, 03:44 PM
Junior Member
 
Join Date: Mar 2012
Location: NH, USA
Posts: 2
Default Solved: SSH Publckey fails for some user accounts

Fixed. The home directory CAN NOT have group write enabled. My home directory with publickey accepted was mode 755. The home of the utility account was mode 775.

Debugging:
- Stop sshd 'svcadm disable ssh'
- Launch from the command line in debug mode without output to console.
# /usr/lib/ssh/sshd -dd
If I then attempt a logon to this server, the console reports 'Authentication refused: Bad ownership or modes for directory /export/home/username.

Last edited by Kermujian; 03-19-2012 at 03:45 PM. Reason: typo affecting meaning
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
Solaris: clnt_create fails on solaris x86 DivakarAdari Solaris General 0 05-09-2011 12:47 PM


All times are GMT. The time now is 12:31 AM.


Powered by vBulletin. Copyright 2000 - 2008, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.1.0 ©2007, Crawlability, Inc.