[Bug 3507] Cannot get host-based authentication to work

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu Dec 8 09:11:16 AEDT 2022


https://bugzilla.mindrot.org/show_bug.cgi?id=3507

Iain Morgan <imorgan at nas.nasa.gov> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |imorgan at nas.nasa.gov

--- Comment #19 from Iain Morgan <imorgan at nas.nasa.gov> ---
This looks like a client-side issue to me.

The client logs indicate that no host based authentication packet was
sent.  Since EnableSSHKeysign is set in the ssh_config, this probably
means that the permissions are incorrect on either the ssh-keyskgn
executable or the private host keys.

Note that on Red Hat, ssh-keyskgn is normally setgid to group ssh_keys,
and the private keys are expected to be readable by that group. 
Whereas, stock OpenSSH expects the private keys to be readable only by
root and thus ssh-keyskgn should be setuid root.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.


More information about the openssh-bugs mailing list