Bug 704930 - AuthorizedKeysFile not working
Summary: AuthorizedKeysFile not working
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: openssh
Version: 15
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Jan F. Chadima
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-05-16 03:28 UTC by Peng Tao
Modified: 2011-05-17 02:33 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-05-17 02:33:08 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Peng Tao 2011-05-16 03:28:12 UTC
Description of problem:
authorizedkeysfile parameter in /etc/ssh/sshd_config does not work. So ssh autologin can not work with public ssh key.

Version-Release number of selected component (if applicable):
openssh-5.6p1-30.fc15.x86_64

How reproducible:
[Fedora29@.ssh]$ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/bergwolf/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/bergwolf/.ssh/id_rsa.
Your public key has been saved in /home/bergwolf/.ssh/id_rsa.pub.
The key fingerprint is:
c1:ef:ac:4e:d4:9c:64:dd:60:f3:86:2b:cf:3a:97:35 bergwolf@Fedora29
The key's randomart image is:
+--[ RSA 2048]----+
|            +    |
|       .   o *   |
|        o o o +  |
|         B . o   |
|        S * .    |
|       . o +  E  |
|        . o oo . |
|       . ...o    |
|       .o .o     |
+-----------------+
[Fedora29@.ssh]$pwd
/home/bergwolf/.ssh
[Fedora29@.ssh]$cat id_rsa.pub >> authorized_keys
[Fedora29@.ssh]$sudo cat /etc/ssh/sshd_config |grep authorized_keys
AuthorizedKeysFile      .ssh/authorized_keys
[Fedora29@.ssh]$ssh localhost
bergwolf@localhost's password:

Actual results:
ssh still requires password

Expected results:
ssh should login without promoting for passwd

Additional info:

Comment 1 Jan F. Chadima 2011-05-16 04:09:20 UTC
1) repair all permissions of the authorized keys file including selinux lebel (restorecon).
2) check logs security and audit.
3) if step 1 works for you close this bugzilla
4) if does not please attach here your sshd_config and interesting pieces of the logs
thx

Comment 2 Miroslav Grepl 2011-05-16 20:05:23 UTC
Also what is your output of

# ls -lZ /home/bergwolf/.ssh

Comment 3 Peng Tao 2011-05-17 02:33:08 UTC
It turns out to be 
May 16 17:57:31 Fedora15 sshd[11894]: Authentication refused: bad ownership or modes for directory /home/bergwolf/.ssh

After doing chmod 700 .ssh, it works now.

Thanks a lot, Jan and Miroslav.


Note You need to log in before you can comment on or make changes to this bug.