only root without password

Iain Morgan imorgan at nas.nasa.gov
Sat Dec 20 11:34:05 EST 2008 

The main observation from this output is that you're running a fairly
old version of OpenSSH. While it includes the startup of sshd, it does
not appear to have any information regarding attempted connections.

I recommend taking a step back and debug from the client first. After
all, it could be that the client is not offering a public key in the
problematic case. Start with an ssh -v for each case (not -vvv). That
will enable you to confirm whether or not the client is doing the right
thing. After that, try sshd -d.

On Fri, Dec 19, 2008 at 20:24:07 +0000, Fede Rico wrote:
> The sshd -ddd output
> 
> debug2: load_server_config: filename /etc/ssh/sshd_config
> debug2: load_server_config: done config len = 321
> debug2: parse_server_config: config /etc/ssh/sshd_config len 321
> debug1: sshd version OpenSSH_3.9p1
> debug1: private host key: #0 type 0 RSA1
> debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key.
> debug1: read PEM private key done: type RSA
> debug1: private host key: #1 type 1 RSA
> debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
> debug1: read PEM private key done: type DSA
> debug1: private host key: #2 type 2 DSA
> debug1: rexec_argv[0]='/usr/sbin/sshd'
> debug1: rexec_argv[1]='-D'
> debug1: rexec_argv[2]='-ddd'
> debug1: rexec_argv[3]='-p'
> debug1: rexec_argv[4]='3333'
> debug2: fd 3 setting O_NONBLOCK
> debug1: Bind to port 3333 on ::.
> Server listening on :: port 3333.
> debug2: fd 4 setting O_NONBLOCK
> debug1: Bind to port 3333 on 0.0.0.0.
> Bind to port 3333 on 0.0.0.0 failed: Address already in use.
> Generating 768 bit RSA key.
> RSA key generation complete.
> debug3: fd 4 is not O_NONBLOCK
> debug1: Server will not fork when running in debugging mode.
> debug3: send_rexec_state: entering fd = 7 config len 321
> debug3: ssh_msg_send: type 0
> debug3: send_rexec_state: done
> debug1: rexec start in 4 out 4 newsock 4 pipe -1 sock 7
> 
> 
> 
> --- Ven 19/12/08, Bob Proulx <bob at proulx.com> ha scritto:
> 
> > Da: Bob Proulx <bob at proulx.com>
> > Oggetto: Re: only root without password
> > A: "Fede Rico" <fede_home at yahoo.it>
> > Cc: openssh-unix-dev at mindrot.org
> > Data: Venerdì 19 dicembre 2008, 18:18
> > Fede Rico wrote:
> > > this is the .ssh permission:
> > > 
> > > .ssh
> > > 4,0K drwx------ 2 oracle oinstall 4,0K 2008-12-04
> > 22:44 .ssh
> > > 
> > > .ssh/
> > > 4,0K -rw-r--r-- 1 oracle oinstall  859 2008-12-04
> > 22:44 authorized_keys
> > > 4,0K -rw------- 1 oracle oinstall 1,7K 2008-12-04
> > 22:39 id_rsa
> > > 4,0K -rw-r--r-- 1 oracle oinstall  403 2008-12-04
> > 22:39 id_rsa.pub
> > > 4,0K -rw-r--r-- 1 oracle oinstall 1,5K 2008-12-17
> > 19:07 known_hosts
> > 
> > You did not show the permissions on the home directory. 
> > Those are
> > also considered and are often the source of problems.
> > 
> >   chmod go-w $HOME
> > 
> > > The ssh works without the password for the
> > "root" user, any other user
> > > cannot use the key and ssh ask me for the password !!
> > 
> > It is possible that root has an ssh-agent and the ssh-agent
> > has an
> > authorized key loaded but the non-root user does not?  That
> > could give
> > the appearance of what you describe.
> > 
> >   ssh-add -l
> >   ssh-add -L
> > 
> > Bob
> 
> 
>       
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

-- 
Iain Morgan

More information about the openssh-unix-dev mailing list