Hide Forgot
Description of problem: On a clean, updated RHEL 6.1 host, ssh-copy-id from a remote machine creates /root/.ssh with the wrong selinux context How reproducible: Every time Steps to Reproduce: [root@rhel ~]# ls -al /root/.ssh/ ls: cannot access /root/.ssh/: No such file or directory (on another computer, run: 'ssh-copy-id root@rhel' and enter the password) [root@rhel ~]# ls -alZ /root/.ssh drwx------. root root unconfined_u:object_r:admin_home_t:s0 . dr-xr-x---. root root system_u:object_r:admin_home_t:s0 .. -rw-------. root root unconfined_u:object_r:admin_home_t:s0 authorized_keys (looks like .ssh has been created with the wrong context. It can't be used to ssh in with a key) [root@rhel ~]# restorecon -r /root/.ssh [root@rhel ~]# ls -alZ /root/.ssh drwx------. root root system_u:object_r:ssh_home_t:s0 . dr-xr-x---. root root system_u:object_r:admin_home_t:s0 .. -rw-------. root root system_u:object_r:ssh_home_t:s0 authorized_keys (context has been fixed - can now ssh in using a key)
Please try this with RHEL6.2 policy selinux-policy-3.7.19-123.el6.noarch.rpm Preview release available on http://people.redhat.com/dwalsh/SELinux/RHEL6
Does your ssh-copy-id contain restorecon? # mgrepl@rhel6 RHEL-6]$ grep restorecon /usr/bin/ssh-copy-id { eval "$GET_ID" ; } | ssh $1 "umask 077; test -d .ssh || mkdir .ssh ; cat >> .ssh/authorized_keys; test -x /sbin/restorecon && /sbin/restorecon .ssh .ssh/authorized_keys" || exit 1 The problem probably is you do ssh-copy-id from a machine where ssh-copy-id doesn't contain restorecon which is needed for RHEL6.2
This seems to be duplicate of #739989. What is version of openssh package on remote machine?
*** This bug has been marked as a duplicate of bug 739989 ***