SSH / permissions problem
Rick Sewill
rsewill at gmail.com
Tue Jul 13 18:40:02 UTC 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 07/13/2010 10:49 AM, Gary Stainburn wrote:
> Hi folks,
>
> This seems like de ja vu, but I can't find anything in the archives.
>
> I've got F13 on my laptop, and also on a new virtual server.
>
> I've copied my home directory from my old server to my new one and then tried
> to ssh to the new server. However, I have a problem
>
> If I ssh to root on the new server everything is fine, but if I ssh to my user
> I get errors and X forwarding doesn't work.
>
> Can anyone suggest things for me to look at / try.
>
> Gary
>
> [gary at dcomp5 ~]$ ssh -Y -C lcomp3 -l root
> root at lcomp3's password:
> Last login: Tue Jul 13 16:04:20 2010 from gary.ringways.co.uk
> [root at lcomp3 ~]# kcalc
> [root at lcomp3 ~]# logout
> [gary at dcomp5 ~]$ ssh -Y -C lcomp3
> gary at lcomp3's password:
> Last login: Tue Jul 13 15:55:16 2010 from gary.ringways.co.uk
> /usr/bin/xauth: timeout in locking authority file /home/gary/.Xauthority
> [gary at lcomp3 ~]$ kcalc
> X11 connection rejected because of wrong authentication.
> kcalc: cannot connect to X server localhost:11.0
> [gary at lcomp3 ~]$
>
If root works, but your local user does not, and you appear to have
gotten beyond the initial login sequence--it seemed to accept password
authentication in both cases--I would suspect something in one of your
~/.bash* files. I've been burned, multiple times, having something in
my .bashrc or .bash_profile that does something "interactive",
forgetting an ssh shell is batch.
I have the same problem when I try to do things in a cron job when I
forget a cron job is also batch.
I have carefully separated my .bash_profile and .bashrc file into those
parts I always want done and those parts that are interactive.
I place a check in my .bashrc file to prevent interactive stuff being
done in a batch job.
# check for shell is not interactive
[ -z "${PS1}" ] && return
As a "quick" test, could you save your .bash_profile and .bashrc files,
get the "default" files, and see if you can ssh in? The default files
should be found /etc/skel/.bash_profile and /etc/skel/.bashrc
Also, I strongly recommend you disable ssh root login and have people
first log into their own account and then su to root. To disable root
login, please look at /etc/ssh/sshd_config.
In this file, I have
PermitRootLogin no
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkw8swIACgkQyc8Kn0p/AZRgbACffvA3UUlqVw4ICErb/H7NfLk0
8AcAoKe0WgTDz7OwcDb6gPjjXvjNxJz8
=K3YZ
-----END PGP SIGNATURE-----
More information about the users
mailing list