Bug 118052 - .ssh/authorized_keys not honoured
.ssh/authorized_keys not honoured
Product: Fedora
Classification: Fedora
Component: policy (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
Brian Brock
Depends On:
  Show dependency treegraph
Reported: 2004-03-11 10:09 EST by Tim Waugh
Modified: 2007-11-30 17:10 EST (History)
1 user (show)

See Also:
Fixed In Version: 1.8-10
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2004-03-12 06:13:57 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Tim Waugh 2004-03-11 10:09:13 EST
Description of problem:
After creating .ssh/authorized_keys in my non-root user's home
directory on an enforcing installation, using ssh to log in from a
user on another machine whose id_dsa.pub is contained in
authorized_keys still asks for a password.

I get:

avc:  denied  { search } for  pid=4036 exe=/usr/sbin/sshd name=.ssh
dev=hdb1 ino=748424 scontext=system_u:system_r:sshd_t
tcontext=user_u:object_r:user_home_t tclass=dir

in the dmesg output, and audit2allow says:

allow sshd_t user_home_t:dir { search };

Version-Release number of selected component (if applicable):

How reproducible:
Comment 1 Tim Waugh 2004-03-12 06:13:57 EST
This seems to be fixed in policy-1.8-10.
Comment 2 Noa Resare 2004-04-11 16:25:48 EDT
If anyone has problems with authorized_keys and 'setenforce 0' "fixes"
them it can also be because the .ssh/authorized_keys file is not
labeled correctly.

Run 'fixfiles --check' and wait a (long) while and then try again.
Comment 3 Daniel Walsh 2004-04-12 07:54:57 EDT
You can use restorecon on individual files.

Note You need to log in before you can comment on or make changes to this bug.