OpenSSH 3.6.1p2 ON SCO 3.2v4.2 + STRICTMODES -->yes

Vikash Badal - PCS VikashB at ComparexAfrica.co.za
Thu Jul 10 16:00:52 EST 2003 

Greetings,

> -----Original Message-----
> From: Paul L. Allen [mailto:paul.l.allen at boeing.com]
> Sent: 10 July 2003 07:50
> To: Vikash Badal - PCS
> Subject: Re: OpenSSH 3.6.1p2 ON SCO 3.2v4.2 + STRICTMODES -->yes
> 
> 
> Vikash Badal - PCS wrote:
> > 
> > 
> >  > -----Original Message-----
> >  > From: Paul L. Allen [mailto:paul.l.allen at boeing.com]
>  >  [...]
> >  > The error you're getting is "bad ownership or modes".  For
> >  > completeness,
> >  > you should say what the permissions are on root's /.ssh 
> directory and
> >  > on the authorized_keys and authorized_keys2 files inside it.
> >  >
> >  > Paul Allen
> > The permissions are :
> > [root at sco]: / # ls -ld / /.ssh /.ssh/auth*
> > drwxr-xr-x  19 root     bin          672 Jul 09 09:23 /
> > drwxr-xr-x   2 root     other        272 Jul 08 10:20 /.ssh
> > -rw-------   1 root     other       2670 Jul 08 10:20 
> /.ssh/authorized_keys
> > -rw-------   1 root     other       4243 Jul 08 10:20 
> > /.ssh/authorized_keys2
> > [root at sco]: / #
> > 
> > As you can see these perms are okay.
> 
> I'm pretty sure it wants the directory to be secure as well.  Try
> setting /.ssh to 0700 and see if it helps.  If it doesn't, you may
> have a bug.
> 
> Good luck!
> 
> Paul

Tried setting /.ssh to 700 still no success:

debug1: trying public key file //.ssh/authorized_keys2
debug3: secure_filename: checking '/.ssh'
debug3: secure_filename: checking ''
Authentication refused: bad ownership or modes for directory
debug2: userauth_pubkey: authenticated 0 pkalg ssh-dss
Failed publickey for root from 192.168.1.1 port 1119 ssh2
debug1: userauth-request for user root service ssh-connection method
keyboard-interactive
debug1: attempt 2 failures 2
debug2: input_userauth_request: try method keyboard-interactive
debug1: keyboard-interactive devs
debug1: auth2_challenge: user=root devs=
debug1: kbdint_alloc: devices ''
debug2: auth2_challenge_start: devices
Failed keyboard-interactive for root from 192.168.1.1 port 1119 ssh2
Connection closed by 192.168.1.1
debug1: Calling cleanup 0x24104(0x0)
[root at sco]: /usr/home/dev/openssh-3.6.1p2 # ls -ld / /.ssh /.ssh/auth*
drwxr-xr-x  19 root     bin          672 Jul 09 09:23 /
drwx------   2 root     other        272 Jul 08 10:20 /.ssh
-rw-------   1 root     other       2670 Jul 08 10:20 /.ssh/authorized_keys
-rw-------   1 root     other       4243 Jul 08 10:20 /.ssh/authorized_keys2
[root at sco]: /usr/home/dev/openssh-3.6.1p2 #

The line "debug3: secure_filename: checking ''" seems to be the problem.
Its checking for a non existent file.

On Unixware 7.1.1 and Openserver, that line is 
==>debug3: secure_filename: checking '/'<==


Vikash

More information about the openssh-unix-dev mailing list