[Mageia-discuss] password-less ssh
Buchan Milne
bgmilne at staff.telkomsa.net
Mon Sep 26 11:04:37 CEST 2011
On Saturday, 24 September 2011 20:34:49 Juergen Harms wrote:
> I did not try to put my user data to /etc ..., /etc is not a place for
> user-specific data, and is specific to each OS partition. I tried (and
> /common is not on my root file-system - the problem might be there)
>
> AuthorizedKeysFile /common/share/home/harms/.ssh/authorized_keys
>
> Result: password is still required; but there is an effect: a plain
> /home/harms/.ssh/authorized_keys is not seen any more.
>
>
>
> Summary
> - ssh does not correctly use an authorized_keys file if the target is a
> symbolic link form $HOME/.ssh
> - this problem only exists for sessions started from a laptop on a
> desktop server, the other way round there is no problem
> - this problem has only recently appeared
> - using mount --bind for mounting $HOME/.ssh at on a template
> directory results in correct behaviour
> - twiddling /etc/ssh/sshd_conf (StrictMode, AuthorizedKeysFile) does
> not produce satisfactory results.
> But since I am the only one to observe this problem, opening a bug is in
> my opinion not justified.
Changing AuthorizedKeysFile is an important documented feature, and used
extensively in the projects servers. If this is broken, it should be
investigated further. (and possibly we should introduce the
AuthorizedKeysCommand path and the LDAP provider that works with it)
Regards,
Buchan
More information about the Mageia-discuss
mailing list