openssh bugs - Mar 2010 - [Bug 1747] New: AuthorizedKeysFile not working as advertised

https://bugzilla.mindrot.org/show_bug.cgi?id=1747

           Summary: AuthorizedKeysFile not working as advertised
           Product: Portable OpenSSH
           Version: 5.4p1
          Platform: Other
        OS/Version: Linux
            Status: NEW
          Severity: major
          Priority: P2
         Component: sshd
        AssignedTo: unassigned-bugs at mindrot.org
        ReportedBy: dtpflug at gmail.com


In the upgrade from 5.3 to 5.4, my pubkey authentication stopped
working. I investigated and found this in the logs:

Mar 29 19:46:42 dpflug-desktop sshd[18203]: debug1: trying public key
file //.ssh/authorized_keys

That's the only place it checks for authorized_keys.

I asked in #openssh and was told that commenting out AuthorizedKeysFile
in the config has helped some people.

In the sshd_config man page, it states:
After expansion, AuthorizedKeysFile is taken to be an absolute path or
one relative to the user's home directory.  The default is
``.ssh/authorized_keys''.

I have "AuthorizedKeysFile .ssh/authorized_keys" in my sshd_config,
but
it's not working. Commenting it out did help:

Mar 29 19:52:12 dpflug-desktop sshd[18323]: debug1: matching key found:
file /home/dpflug/.ssh/authorized_keys, line 1

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1747

David Pflug <dtpflug at gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |dtpflug at gmail.com

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1747

Darren Tucker <dtucker at zip.com.au> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |dtucker at zip.com.au
             Blocks|                            |1743
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED

--- Comment #1 from Darren Tucker <dtucker at zip.com.au> 2010-04-09
10:42:09 EST ---
Thanks for the report.  This has been fixed and will be in the 5.5p1
release.  You can confirm by trying a recent snapshot
(http://www.mindrot.org/openssh_snap/).

You can work around it commenting it out (as you noted) or by using
"%h" to explicitly specify the user's home directory, eg:

AuthorizedKeysFile %h/.ssh/authorized_keys

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1747

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #2 from Damien Miller <djm at mindrot.org> 2010-04-16 15:50:37
EST ---
Mass move of bugs RESOLVED->CLOSED following the release of
openssh-5.5p1

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.