LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 05-12-2017, 12:35 PM   #16
JayMatthew
LQ Newbie
 
Registered: Jul 2013
Location: NJ
Distribution: Slackware
Posts: 29

Original Poster
Rep: Reputation: Disabled

Quote:
Originally Posted by astrogeek View Post
That is not correct. You must copy the public key into authorized_keys n the remote machine.

The private key must be 600 perms (local machine) and the public key may be 644.
Ooops. I was copying the id_rsa.pub to the authorized_keys. The perms are correct on the local machine.
 
Old 05-12-2017, 12:43 PM   #17
astrogeek
Moderator
 
Registered: Oct 2008
Distribution: Slackware [64]-X.{0|1|2|37|-current} ::12<=X<=14, FreeBSD_12{.0|.1}
Posts: 5,118
Blog Entries: 11

Rep: Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044
Also, the ~/.ssh directory must be 700 perms...

Code:
drwx------ 2 user user 4096 May  9 21:52 /home/user/.ssh
 
Old 05-12-2017, 12:43 PM   #18
JayMatthew
LQ Newbie
 
Registered: Jul 2013
Location: NJ
Distribution: Slackware
Posts: 29

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Turbocapitalist View Post
There's the problem. The public key must go into the server's authorized_keys file. The private key stays on the client.
I did copy the id_rsa.pub key into the authorized_keys file and still the same issue.
 
Old 05-12-2017, 12:44 PM   #19
JayMatthew
LQ Newbie
 
Registered: Jul 2013
Location: NJ
Distribution: Slackware
Posts: 29

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by astrogeek View Post
Also, the ~/.ssh directory must be 700 perms...

Code:
drwx------ 2 user user 4096 May  9 21:52 /home/user/.ssh
Yes, I did verify the permissions:
drwx------ 2 root root 4096 May 12 17:29 .ssh/
 
Old 05-12-2017, 12:46 PM   #20
astrogeek
Moderator
 
Registered: Oct 2008
Distribution: Slackware [64]-X.{0|1|2|37|-current} ::12<=X<=14, FreeBSD_12{.0|.1}
Posts: 5,118
Blog Entries: 11

Rep: Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044
OK, sounds like perms and files are OK.

Lets reduce the clutter of your config. Do this and paste the output:

Code:
grep -v '^\s*#' /etc/ssh/sshd_config |sed '/^\s*$/d'
 
Old 05-12-2017, 12:49 PM   #21
JayMatthew
LQ Newbie
 
Registered: Jul 2013
Location: NJ
Distribution: Slackware
Posts: 29

Original Poster
Rep: Reputation: Disabled
I have no problem when logging in as a normal user with no password, it's the root key that seems to be giving me the issue. I've installed quite a few machines and this is the first time I am seeing this issue.
 
Old 05-12-2017, 12:50 PM   #22
JayMatthew
LQ Newbie
 
Registered: Jul 2013
Location: NJ
Distribution: Slackware
Posts: 29

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by astrogeek View Post
OK, sounds like perms and files are OK.

Lets reduce the clutter of your config. Do this and paste the output:

Code:
grep -v '^\s*#' /etc/ssh/sshd_config |sed '/^\s*$/d'
Here's the output from the server:
Ciphers aes128-ctr
PermitRootLogin yes
AuthorizedKeysFile .ssh/authorized_keys
X11Forwarding yes
Subsystem sftp /usr/libexec/sftp-server
 
Old 05-12-2017, 01:01 PM   #23
Gerard Lally
Senior Member
 
Registered: Sep 2009
Location: Brú na Bóinne, IE
Distribution: Slackware, NetBSD
Posts: 1,549

Rep: Reputation: 1024Reputation: 1024Reputation: 1024Reputation: 1024Reputation: 1024Reputation: 1024Reputation: 1024Reputation: 1024
Quote:
Originally Posted by JayMatthew View Post
Here's the output from the server:
Ciphers aes128-ctr
PermitRootLogin yes
AuthorizedKeysFile .ssh/authorized_keys
X11Forwarding yes
Subsystem sftp /usr/libexec/sftp-server
I don't know what version of OpenSSH Slackware 14.0 comes with, but I do know substantial changes were introduced with OpenSSH 6.6 or thereabouts. Have you perchance created a key on a newer Slackware that is incompatible with the OpenSSH that comes with 14.0?
 
Old 05-12-2017, 01:01 PM   #24
astrogeek
Moderator
 
Registered: Oct 2008
Distribution: Slackware [64]-X.{0|1|2|37|-current} ::12<=X<=14, FreeBSD_12{.0|.1}
Posts: 5,118
Blog Entries: 11

Rep: Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044
Quote:
Originally Posted by JayMatthew View Post
Here are some errors I'm getting in /var/log/messages:

sshd[23059]: Authentication refused: bad ownership or modes for directory /root
Hmmm...

I just saw this. It is not complaining about key file permission, but the /root directory itself.

What does ls -ld /root show?

If not 710 then make it 710.

Last edited by astrogeek; 05-12-2017 at 01:05 PM.
 
1 members found this post helpful.
Old 05-12-2017, 01:27 PM   #25
JayMatthew
LQ Newbie
 
Registered: Jul 2013
Location: NJ
Distribution: Slackware
Posts: 29

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by astrogeek View Post
Hmmm...

I just saw this. It is not complaining about key file permission, but the /root directory itself.

What does ls -ld /root show?

If not 710 then make it 710.
Wow. It wasn't the permissions, it was the ownership of the directory /root. It wasn't owned by root! Ugh. I don't even know how that happened. I was so focused on permissions I didn't pay attention to the ownership.

Thank you and everyone for your help. It's all working good now!
 
Old 05-12-2017, 01:34 PM   #26
astrogeek
Moderator
 
Registered: Oct 2008
Distribution: Slackware [64]-X.{0|1|2|37|-current} ::12<=X<=14, FreeBSD_12{.0|.1}
Posts: 5,118
Blog Entries: 11

Rep: Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044Reputation: 3044
Quote:
Originally Posted by JayMatthew View Post
Wow. It wasn't the permissions, it was the ownership of the directory /root. It wasn't owned by root! Ugh. I don't even know how that happened. I was so focused on permissions I didn't pay attention to the ownership.

Thank you and everyone for your help. It's all working good now!
Glad that worked, but I am not so sure that you are finished yet!

I would seriously investigate how/who/when ownership of the root directory was changed!

If this is an internet accessible server especially, that is a big red flag on fire!
 
1 members found this post helpful.
Old 05-12-2017, 02:34 PM   #27
JayMatthew
LQ Newbie
 
Registered: Jul 2013
Location: NJ
Distribution: Slackware
Posts: 29

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by astrogeek View Post
Glad that worked, but I am not so sure that you are finished yet!

I would seriously investigate how/who/when ownership of the root directory was changed!

If this is an internet accessible server especially, that is a big red flag on fire!
Agreed. There are only a handful of people with root access to the server and will hopefully find out on Monday.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh issue when key and key.pub do not match ilesterg Linux - Security 4 01-30-2017 02:20 PM
Logging in as Root via ssh mwalshe2000 Linux - Newbie 4 09-23-2014 05:12 PM
[SOLVED] Bash prompt issue when logging in via SSH tar1827 Linux - Newbie 7 09-25-2012 10:28 PM
[SOLVED] Issue logging in via SSH Hobbletoe Solaris / OpenSolaris 1 05-17-2012 08:10 AM
[SSH] Issue logging in [SSH & Permissions] MD3 Linux - Networking 11 12-10-2006 09:25 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 11:54 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration