[OS X] ssh key not working due to home dir permissions

Val Schmidt vschmidt at ccom.unh.edu
Wed Apr 26 09:35:53 EDT 2006 

You also might like this GUI front end for managing ssh keys...

http://www.phil.uu.nl/~xges/ssh/

I run it as a startup item and then forget about it.

-Val

On Apr 25, 2006, at 11:35 PM, Andy Jacobson wrote:

> Howdy,
>
> 	I have recently started using the public key and ssh-agent to stop  
> typing passwords all the time.  It's great if you take the trouble  
> to read up on how it works.  The purpose of this email is simply to  
> document one particular way it can fail.
>
> 	Some of the macs I would connect to would accept the public key  
> authorization, and others would reject it (and thus ask me for a  
> password).  I verified that the ssh configurations were identical,  
> and eventually tracked it down to improper permissions on my home  
> directory.  For the machines that were rejecting the key, I had  
> changed my unix group.  Normally a user "andy" is assigned to a  
> unix group called "andy".  For purposes of collaborating with a  
> group of colleagues, I needed to belong to a different group that  
> we all share.  The home directories normally are group-writeable,  
> and permissions on it were not changed when I messed with the  
> groups.  This is apparently too liberal for ssh if you have a non- 
> standard group.  Solution:  chmod g-w ~/.
>
> 	Important method for finding the problem:  enable ssh logging.   
> See http://www.macosxhints.com/article.php?story=20051012162448301  
> to turn it on.  Especially see the first comment to the story,  
> which also creates a /var/log/auth.log which logs login  
> information.  Once logging was turned on, I was able to see the  
> warning message from sshd, which immediately led to tracking down  
> the problem.
>
> 	-Andy
>
> -- 
> Andy Jacobson
> andy.jacobson at noaa.gov
>
> NOAA Earth System Research Lab
> Global Monitoring Division
> 325 Broadway
> Boulder, Colorado 80305
>
> 303/497-4916
>
>
>
> _______________________________________________
> OSX mailing list
> OSX at tazman.princeton.edu
> http://tazman.princeton.edu/mailman/listinfo/osx

------------------------------------------------------
Val Schmidt
CCOM/JHC
University of New Hampshire
Chase Ocean Engineering Lab
24 Colovos Road
Durham, NH 03824
e: vschmidt [AT] ccom.unh.edu
m: 614.286.3726

More information about the OSX mailing list