[scponly] Could not open keyfile '/home/testuser/.ssh/authorized_keys': Permission denied
Kaleb Pederson
kaleb.pederson at gmail.com
Thu Oct 25 11:52:54 EDT 2012
I don't understand exactly what changes you made. I'll need to see the
full permissions on the hierarchy to be able to offer any suggestions.
OpenSSH should provide sufficient information to debug this when using
the right settings.
Also, the scponly FAQ references strace/ktrace/struss that can also be
used to find out exactly what system call is failing.
--Kaleb
On Thu, Oct 25, 2012 at 1:58 AM, Oliver Rau
<oliver.rau at systemlogistik.dpd.com> wrote:
>
> Am 25.10.2012 07:23, schrieb Kaleb Pederson:
>> On Wed, Oct 24, 2012 at 11:14 AM, oliver rau
>> <oliver.rau at systemlogistik.dpd.com> wrote:
>>
>> I presume that testuser is NOT in the ftpgroup?
>>
>> I emulated the rest of your permissions and everything works on my
>> machine. I'd bet that if you add o+rx to that directory everything
>> works?
>>
>> Please confirm.
>>
> I changed testuser to daTeV2SyS9, similar conf like before, then I put
> 0755 on /home but still doesn't work, got these messages in auth.log:
>
> Oct 25 10:47:48 sys-ftp sshd[18967]: debug1: Forked child 19912.
> Oct 25 10:47:48 sys-ftp sshd[19912]: Set /proc/self/oom_adj to 0
> Oct 25 10:47:48 sys-ftp sshd[19912]: debug1: rexec start in 5 out 5
> newsock 5 pipe 7 sock 8
> Oct 25 10:47:48 sys-ftp sshd[19912]: debug1: inetd sockets after
> dupping: 3, 3
> Oct 25 10:47:48 sys-ftp sshd[19912]: Connection from 10.15.19.100 port 47981
> Oct 25 10:47:48 sys-ftp sshd[19912]: debug1: Client protocol version
> 2.0; client software version 1.34
> Oct 25 10:47:48 sys-ftp sshd[19912]: debug1: no match: 1.34
> Oct 25 10:47:48 sys-ftp sshd[19912]: debug1: Enabling compatibility mode
> for protocol 2.0
> Oct 25 10:47:48 sys-ftp sshd[19912]: debug1: Local version string
> SSH-2.0-OpenSSH_5.5p1 Debian-6+squeeze2
> Oct 25 10:47:48 sys-ftp sshd[19912]: debug1: PAM: initializing for
> "daTeV2SyS9"
> Oct 25 10:47:48 sys-ftp sshd[19912]: debug1: PAM: setting PAM_RHOST to
> "em2012.systemlogistik.dpd.de"
> Oct 25 10:47:48 sys-ftp sshd[19912]: debug1: PAM: setting PAM_TTY to "ssh"
> Oct 25 10:47:48 sys-ftp sshd[19912]: Failed none for daTeV2SyS9 from
> 10.15.19.100 port 47981 ssh2
>
> Thanks
> Oliver
>
>
> Sitz der Gesellschaft: Neufahrn bei Freising
> Registergericht Muenchen HRA 77871
>
> Persoenlich haftende Gesellschafterin:
> DPD Systemlogistik Management GmbH
> Registergericht Bad Hersfeld HRB 799
> Geschaeftsfuehrer: Andreas Wild
>
>
> E-Mails schonen die Umwelt. Umso mehr, wenn sie nicht ausgedruckt werden.
> Bitte drucken Sie diese E-Mail nur, wenn es erforderlich ist.
>
> Think about the environment! Do not print this mail unless necessary.
More information about the scponly
mailing list