SSH keys broken?
James Laska
jlaska at redhat.com
Thu Sep 30 18:50:12 UTC 2010
On Thu, 2010-09-30 at 11:09 -0700, Adam Williamson wrote:
> On Thu, 2010-09-30 at 20:02 +0200, Kjartan Maraas wrote:
> > to., 30.09.2010 kl. 19.57 +0200, skrev Michael Spahn:
> > > Am 30.09.2010 16:46, schrieb Steven Haigh:
> > > > On 01/10/10 00:33, Adam Williamson wrote:
> > > >> On Thu, 2010-09-30 at 09:16 -0400, Stephen John Smoogen wrote:
> > > >>> On Thu, Sep 30, 2010 at 00:17, Steven Haigh<netwiz at crc.id.au> wrote:
> > > >>>> In the last couple of days I've noticed that any host that I usually
> > > >>>> connect to via SSH with a shared key authentication still prompts me for
> > > >>>> a password.
> > > >>> 1) Are permissions ok? Home directory needs to be 755 and .ssh needs
> > > >>> to be 700. Second check to see if something changed the attrs on the
> > > >>> directories or files
> > > >>>
> > > >>> lsattr .ssh
> > > >>> ls -Z .ssh
> > > >> Steven, are they actually prompting for your *login password*, or is it
> > > >> the passphrase for your ssh key? The two would indicate different
> > > >> problems.
> > > > Ahhh - Interesting. Instead of ~/.ssh/identity being used, I needed to
> > > > symlink ~/.ssh/id_rsa to ~/.ssh/identity.
> > > >
> > > > The weird thing is that my setup of using ~/.ssh/identity has worked
> > > > perfectly for many years - but has only now stopped.
> > > >
> > > > Has this been a change in ssh or something else I'm not aware of?
> > > >
> > > I think it's just the server configuration of Fedora, I could connect
> > > with Fedora to my Debian server using keyfiles.
> > >
> > > Maybe we should enable the keyfiles in the /etc/ssh/sshd_config by default?
> >
> > Could it be related to the problem I see here?
> >
> > [kmaraas at e4300 ~]$ ssh-add
> > Could not open a connection to your authentication agent.
>
> also check if you're getting a crash on boot from gnome-keyring. I was,
> until I updated today, and it was preventing password/phrase saving in
> gnome-keyring from working.
That was the problem I was seeing. Reverting the glib2 update resolved
the issue for me.
Not sure if my symptoms match the issues previously discussed.
Thanks,
James
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/test/attachments/20100930/aafedbda/attachment.bin
More information about the test
mailing list