[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Jailkit-users] authorized_keys quthentication when in jail?

From: Olivier Sessink
Subject: Re: [Jailkit-users] authorized_keys quthentication when in jail?
Date: Tue, 29 May 2007 23:21:22 +0200
User-agent: Icedove (X11/20070329)

Peter Lauda wrote:

I've been trying to get public key authentication running between two
systems using the jailkit to lock down access in addition to this. I've had
the jail working succesfuly for some time now using sftp exclusively. We now
need to allow a specific site access using ssh/rsync. I've tested and
corected a few things to get regular public key exchange login to work but I
can't seem to get the jailkit pieces to do the same.
I've set debugging to DEBUG in sshd_config and I see it trying to read the
authorized_keys file in the users home directory. I doesn't give any failure
but the mechanism doesn't function and the password promp always pops up.

Does anyone have a doc on how to accomplish this? I've read through a bunch
already that are howto's for ssh and rsync but they don't cover what to look
at when things go wrong. The home directories of the 'jailed' users IS nfs
mounted but I HAVE set the perms on the files/directories to be world
readable so that root can read the nfs mounted file(s). Anything else to
look for?

the most common problem with ssh key authentication is the ownership and permissions of the home directory and the .ssh subdirectory and its files. They all must be owned by the user. Openssh sshd requires the .ssh directory to be 0700 (rwx------) and the files (especially the authorized_keys file) to be 0600 (rw-------). This has nothing to do with jailkit, but this is the most common problem.

can you check this?


b.t.w. for an easy check: change the shell from jk_chrootsh into bash and test if public key authentication works.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]