Bug 481079

Summary: ssh root@localhost stopped working
Product: [Fedora] Fedora Reporter: D. Wagner <daw-redhatbugzilla>
Component: opensshAssignee: Tomas Mraz <tmraz>
Status: CLOSED DUPLICATE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: 10CC: mgrepl, tmraz
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-02-12 10:48:22 EST Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:

Description D. Wagner 2009-01-21 21:03:17 EST
Description of problem:

I recently upgraded my laptop from Fedora 9 -> Fedora 10.  Before upgrading, I could do "ssh root@localhost" and it would use my DSA private key to authenticate and let me log into the root account on the local host.  After upgrading, this no longer works; on my laptop, "ssh localhost", "ssh someotherhost", and "ssh root@someotherhost" all still work, but "ssh root@localhost" refuses to accept my DSA key and prompts for the root password.  Similarly, from another machine, "ssh mylaptop" works but "ssh root@mylaptop" does not accept my DSA key and prompts for the root password.

Any clue why this is happening?

I checked that /etc/ssh/sshd_config has not changed the PermitRootLogin setting.  I even tried uncommenting it and explicitly setting PermitRootLogin to yes, and restarting sshd, without seeing any change.  I'm not seeing any messages in any file in /var/log/ that explains what is going on.  Running "ssh -v root@localhost" only shows that the DSA key was tried and rejected without any explanation of why.  The only thing other hypothesis I was able to come up with is that maybe this is some interaction with PAM, but I wouldn't know how to check that.

Any ideas how to troubleshoot this?

P.S. The bugzilla interface for selecting a component still sucks.  (A tiny menu to select one among a few thousand components? Nuts.)

Version-Release number of selected component (if applicable):

openssh-5.1p1-3.fc10.x86_64
pam-1.0.2-2.fc0.{i386,x86_64}

How reproducible:

100%

Steps to Reproduce:
1. Set up a DSA private key.  Use ssh-add to type in your passphrase if you have one.
2. Run "ssh root@localhost"
3. 
  
Actual results:

SSHD accepts your private key and logs you in immediately.

Expected results:

SSHD prompts you for the root password.

Additional info:
Comment 1 D. Wagner 2009-01-24 03:14:41 EST
I can confirm that this bug is also present on a clean install of Fedora 10.  Any ideas why?
Comment 2 D. Wagner 2009-01-24 03:22:26 EST
I'm an idiot.  This bug is not present on a clean install of Fedora 10.  Please disregard comment #1.

Not sure why it happened when I did an upgrade from F9->F10; maybe I was an idiot then, too (though I doubt it was the same error), or maybe it was something else.
Comment 3 Tomas Mraz 2009-02-12 10:48:22 EST

*** This bug has been marked as a duplicate of bug 473014 ***