Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SSH authentication

 On Tue, Jan 01, 2008 at 08:10:16AM -0500, Jerry Feldman wrote: 
> I checked the system sshd_config and they did not change. I also 
> created debug logs (using -vvv).   

This only shows the client side... the server side is generally the 
most helpful, as I mentioned in my previous post.  You need to run 
sshd with the -d option to put it in debug mode.  This will almost 
certainly reveal what the problem is... 

My second guess would be that the permissions of your home directory 
itself have been changed to allow group or other to write there.  This 
would allow someone to remove your .ssh directory and replace it with 
a new copy with whatever authorized_keys file the attacker wants, so 
by default it's not allowed.  You mentioned .ssh and authorized_keys 
are secured, but didn't mention about your home directory. 

Derek D. Martin   GPG Key ID: 0xDFBEAD02 
This message is posted from an invalid address.  Replying to it will result in 
undeliverable mail due to spam prevention.  Sorry for the inconvenience. 

Discuss mailing list 
[hidden email]

BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /