8 messages in org.freebsd.freebsd-bugsbin/27821: can't do RSA login via ssh...| From | Sent On | Attachments |
|---|---|---|
| Archie Cobbs | Jun 1, 2001 1:46 pm | |
| Bill Fenner | Jun 1, 2001 2:19 pm | |
| Archie Cobbs | Jun 1, 2001 2:39 pm | |
| Bill Fenner | Jun 1, 2001 2:49 pm | |
| Archie Cobbs | Jun 1, 2001 3:09 pm | |
| Archie Cobbs | Jun 1, 2001 3:09 pm | |
| ro...@FreeBSD.org | Jun 1, 2001 11:54 pm | |
| Kris Kennaway | Jun 2, 2001 2:34 am |
| Subject: | bin/27821: can't do RSA login via ssh to root account | |
|---|---|---|
| From: | Archie Cobbs (arc...@packetdesign.com) | |
| Date: | Jun 1, 2001 1:46:08 pm | |
| List: | org.freebsd.freebsd-bugs | |
Number: 27821 Category: bin Synopsis: can't do RSA login via ssh to root account Confidential: no Severity: non-critical Priority: medium Responsible: freebsd-bugs State: open Quarter: Keywords: Date-Required: Class: sw-bug Submitter-Id: current-users Arrival-Date: Fri Jun 01 13:50:00 PDT 2001 Closed-Date: Last-Modified: Originator: Archie Cobbs Release: FreeBSD 4.3-RELEASE i386 Organization: Packet Design Environment:
System: FreeBSD bubba.packetdesign.com 4.3-RELEASE FreeBSD 4.3-RELEASE #0: Thu
Apr 26 15:28:39 PDT 2001 ro...@bubba.packetdesign.com:/usr/obj/usr/src/sys/BUBBA
i386
Description:
Normally, when you use ssh-add to add your identity, and the remote accout you're logging into has your public key in it's ${HOME}/.ssh/authorized_keys file, you are allowed to ssh into that machine without providing a password.
However, it seems that this doesn't work if the account you are trying to ssh into is "root", though it works for other normal accounts. That is, with the root account only, ssh asks you for the root password instead of just letting you login automatically (with the correct password, the login does then succeed).
This is either a bug or at least a documentation omission, as it makes the "PermitRootLogin without-password" setting useless.
How-To-Repeat:
Set up /root/.ssh/authorized_keys with your public key on machine A and try to ssh root@A from machine B after adding your public identity via ssh-agent and ssh-add.
Of course, machine B needs "PermitRootLogin yes" in /etc/ssh/sshd_config.
Both machines are FreeBSD 4.3.
Fix:
None.
Release-Note: Audit-Trail: Unformatted:
To Unsubscribe: send mail to majo...@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message