 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
On Thu, 3 Jan 2008 19:18:30 -0500 Derek Martin <[hidden email]> wrote: > On Tue, Jan 01, 2008 at 08:10:16AM -0500, Jerry Feldman wrote: > > I checked the system sshd_config and they did not change. I also > > created debug logs (using -vvv). > > This only shows the client side... the server side is generally the > most helpful, as I mentioned in my previous post. You need to run > sshd with the -d option to put it in debug mode. This will almost > certainly reveal what the problem is... > > My second guess would be that the permissions of your home directory > itself have been changed to allow group or other to write there. This > would allow someone to remove your .ssh directory and replace it with > a new copy with whatever authorized_keys file the attacker wants, so > by default it's not allowed. You mentioned .ssh and authorized_keys > are secured, but didn't mention about your home directory.
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
