similar to: [Bug 220] New: sshd fails to read other users authorized_keys over nfs as root

http://bugzilla.mindrot.org/show_bug.cgi?id=220 ------- Additional Comments From markus at openbsd.org 2002-04-18 06:01 ------- i think i've seen this before and it was related to the realpath() implementation.... ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

https://bugzilla.mindrot.org/show_bug.cgi?id=2042 Priority: P5 Bug ID: 2042 Assignee: unassigned-bugs at mindrot.org Summary: Troubleshooting information should be logged when sshd doesn't have permission to read user's authorized_keys file Severity: enhancement Classification: Unclassified

Hi folks, If I try to login on a Cygwin host via ssh, then my .ssh on a network drive is unaccessible until I login. I have to enter my password, even if my authorized_keys would allow me to login without. This is fatal, since it forces me to use an interactive session for working on a Windows host. Unusable for automatic builds and tests managed from a central machine, for example. There is no

Hello everybody, I have a problem. You may have the answer :-) I'd like to use openssh for an authentication service. But that gives me a user, whose ~/.ssh/authorized_keys file has about 15000 entries. With about 300 characters per line I'd get 4,5 MB of data. I believe that this length of file could lead to performance issues; so I'm looking for solutions. I already saw the

https://bugzilla.mindrot.org/show_bug.cgi?id=1947 Bug #: 1947 Summary: Log authorized_keys format issues and refuse to accept keys Classification: Unclassified Product: Portable OpenSSH Version: 5.8p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2

I've written up a little HOWTO on how I set up my CVS server to allow anonymous access via ssh. I did it a little bit differently than the method documented by Theo and crew. Where their login shell has a lot of stuff in it, mine is a simple execle() statement. Url is here: http://reactor-core.org/#code After following the steps outlined in the HOWTO, I came across the following

Both ssh-copy-id and ssh create .ssh as 0700. ssh-copy-id creates .ssh/authorized_keys as 0600. Thanks: Ryan Sawhill for finding the bug. --- customize/ssh_key.ml | 4 ++-- src/guestfs.pod | 17 +++++++++++++++++ 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/customize/ssh_key.ml b/customize/ssh_key.ml index 09664bf..dd6056f 100644 --- a/customize/ssh_key.ml +++

https://bugzilla.mindrot.org/show_bug.cgi?id=2678 Bug ID: 2678 Summary: PubKey Authentication fails when more than one user/group ACL is set on any Path component to authorized_keys Product: Portable OpenSSH Version: 5.3p1 Hardware: amd64 OS: Linux Status: NEW

http://bugzilla.mindrot.org/show_bug.cgi?id=1326 Summary: Allow non-public-key credentials in authorized_keys file (Kerberos, etc.) Product: Portable OpenSSH Version: 4.4p1 Platform: All OS/Version: Linux Status: NEW Severity: enhancement Priority: P2 Component: Kerberos support

https://bugzilla.mindrot.org/show_bug.cgi?id=1720 Summary: would be nice if authorized_keys(5) existed Product: Portable OpenSSH Version: 5.3p1 Platform: Other URL: http://bugs.debian.org/441817 OS/Version: Linux Status: NEW Severity: enhancement Priority: P2 Component: Documentation

Here's a simple patch which retrieves authorized_keys via exec'ing a program, rather than reading a flat file. I added a simple option, AuthorizedKeysExec, to sshd_config which simply executes the respective file, passing the username as argv[1]. Keys are returned via stdout. Notes: If AuthorizedKeysExec is set and an authorized_keys file exists, checking the existing authorized_keys

Greetings, I am using OpenSSH Signed Public Key authentication for servers ssh login. All of the servers are setup with below sshd_config options: TrustedUserCAKeys /etc/ssh/ca.pub # CA Public Keys RevokedKeys /etc/ssh/revoke.pub # User Public Keys When i started working on it, for ssh authentication i had to have CA Public Key in User ~/.ssh/authorized_keys, like: cert-authority ssh-rsa

http://bugzilla.mindrot.org/show_bug.cgi?id=219 Summary: authorized_keys documentation Product: Portable OpenSSH Version: -current Platform: Other OS/Version: other Status: NEW Severity: normal Priority: P2 Component: Documentation AssignedTo: openssh-unix-dev at mindrot.org ReportedBy:

When creating ~/.ssh and ~/.ssh/authorized_keys (in case they are missing), change their ownership to the target user. If not, they are owned by root. --- customize/ssh_key.ml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/customize/ssh_key.ml b/customize/ssh_key.ml index 7c482e7..d05816c 100644 --- a/customize/ssh_key.ml +++ b/customize/ssh_key.ml @@ -115,20 +115,24

https://bugzilla.mindrot.org/show_bug.cgi?id=3636 Bug ID: 3636 Summary: Public key authentication fails with incorrect message if authorized_keys is not UTF-8 encoded Product: Portable OpenSSH Version: 9.5p1 Hardware: Other OS: Other Status: NEW Severity: minor Priority: P5

https://bugzilla.mindrot.org/show_bug.cgi?id=2174 Bug ID: 2174 Summary: no-pty in authorized_keys does not prevent and interactive shell Product: Portable OpenSSH Version: 6.4p1 Hardware: All OS: Linux Status: NEW Severity: security Priority: P5 Component: sshd

https://bugzilla.mindrot.org/show_bug.cgi?id=2328 Bug ID: 2328 Summary: Per-user certificate revocation list (CRL) in authorized_keys Product: Portable OpenSSH Version: 6.7p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd

https://bugzilla.mindrot.org/show_bug.cgi?id=1694 Summary: If authorized_keys exists but can not be opened, this should be logged on server Product: Portable OpenSSH Version: 5.1p1 Platform: All OS/Version: Linux Status: NEW Severity: minor Priority: P2 Component: ssh

https://bugzilla.mindrot.org/show_bug.cgi?id=1536 Summary: SSH modifies line endings when using command in authorized_keys Product: Portable OpenSSH Version: 5.1p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo:

Hi. On http://openssh.org/manual.html I think there should be authorized_keys(5) known_hosts(5) Can an authorized_keys entry say something like from=192.168.1.32,192.168.1.33 command=/bin/foo ... or do I need to make a separate entry for each IP address? Thanks Dave