Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 597621 - openssh default config AuthorizedKeysFile entry considers home directory to be "/"
Summary: openssh default config AuthorizedKeysFile entry considers home directory to b...
Keywords:
Status: CLOSED DUPLICATE of bug 595935
Alias: None
Product: Fedora
Classification: Fedora
Component: openssh
Version: 13
Hardware: All
OS: Linux
low
medium
Target Milestone: ---
Assignee: Jan F. Chadima
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-05-29 20:21 UTC by Thomas Spear
Modified: 2010-05-29 22:49 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2010-05-29 22:49:05 UTC


Attachments (Terms of Use)

Description Thomas Spear 2010-05-29 20:21:16 UTC
Description of problem:
Upon installation of openssh-server, I modified the configuration to allow authentication via public key file. The default AuthorizedKeysFile entry reads:

AuthorizedKeysFile    .ssh/authorized_keys

This worked fine in FC12 x86, but in FC13 x86_64 (clean install, not upgrade), this does not work. When password and all other authentication methods are disabled, and running sshd -d on an alternate port, I see the following on the server end when attempting to connect from a client with pubkeys:

debug1: trying public key file //.ssh/authorized_keys

After commenting the AuthorizedKeysFile entry in my sshd_config file, and restarting sshd, I am able to connect with no problem with pubkeys.

Version-Release number of selected component (if applicable):


How reproducible:
100%

Steps to Reproduce:
1. Set PasswordAuthentication no
2. Set RSAAuthentication yes
3. Set AuthorizedKeysFile .ssh/authorized_keys
4. sshd -p (insert random port number here) -d
5. Allow inbound connections on said port number in firewall (and SELinux if needed)
6. Connect from remote host with pubkeys and immediately receive disconnect
7. Check in the window where sshd was run manually and see the debug1 line pasted above among other lines in the output.
  
Actual results:
No supported authentication methods available

Expected results:
Connect and able to use ssh

Additional info:

Comment 1 Colin.Simpson 2010-05-29 22:17:43 UTC
Duplicate of bug #595935 ?

Comment 2 Thomas Spear 2010-05-29 22:49:05 UTC
Yes, marking as dup

*** This bug has been marked as a duplicate of bug 595935 ***


Note You need to log in before you can comment on or make changes to this bug.