Hi folks, umm, I have a small problem. When setting up our server, I tried to get the best security as possible. Maybe I changed some config-file to fit our needs to allow ssh-logins only from specified users.(But I have no idea which file this was :-(( ) Now I want to allow another user to login using ssh. I made ssh-keygen for this user, entered the password, copied identity.pub to authorized_keys in the .ssh-directory. But when trying to login via ssh, servers sends permission denied. What else must be done ? TIA ---Stephan
Hi, If it is ssh v1 then the configuration file is /etc/sshd_config, and the default configuration should allow any user to connect from anywhere. For ssh v2 then the config file is /etc/ssh2/sshd2_config. This is the server configuration (deamon). Ofcourse taking into considiration that the machine you are connecting to is not connected somehow via a switch/router, and the access list allows port 22 through!
PS. Try default config, and work from there, always easiest. :)
Does this make any sense?
On Sun, Feb 01, 1998 at 05:58:25PM +0100, Security Webmaster OKDesign oHG wrote:
Hi folks, umm, I have a small problem. When setting up our server, I tried to get the best security as possible. Maybe I changed some config-file to fit our needs to allow ssh-logins only from specified users.(But I have no idea which file this was :-(( ) Now I want to allow another user to login using ssh. I made ssh-keygen for this user, entered the password, copied identity.pub to authorized_keys in the .ssh-directory. But when trying to login via ssh, servers sends permission denied. What else must be done ? TIA ---Stephan
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-------------------------------- Omar Al-Sakka -------------------------------- WARNING : PROLONGED EXPOSURE TO THIS MESSAGE HAZARDOUS TO YOU HEALTH!! --------------------------------
Hi folks, umm, I have a small problem. When setting up our server, I tried to get the best security as possible. Maybe I changed some config-file to fit our needs to allow ssh-logins only from specified users.(But I have no idea which file this was :-(( ) Now I want to allow another user to login using ssh. I made ssh-keygen for this user, entered the password, copied identity.pub to authorized_keys in the .ssh-directory. But when trying to login via ssh, servers sends permission denied. What else must be done ? TIA ---Stephan
Make sure the ~user/.ssh/authorized_keys is fully accessible for the user. Upon login, sshd checks file permissions and opens files with the effective userid set to that of the user to be logged on. The -EPERM might be a result from not having changed the ownership of the relevant files and directories after copying. Also make sure that no file/dir is writeable for users other than the owner.
Use `ssh -v' to get verbose diagnostics. This will reveal the problem in most cases.
Roman.
-
Omar Al-Sakka -
Roman Drahtmueller -
Security Webmaster OKDesign oHG