[ILUG] scponlyc and authorized_keys

[Niall O Broin]

On 9 Jun 2009, at 12:27, Greg McRandal wrote:

> I'm having a problem using scponlyc and an authorized_keys. I have
> created a home dir and a writeable dir for the user. I have created a
> .ssh dir in both, both owned by the user, along with a file
> authorized_keys like this:
>
> $ ll -a ~greg/..
> drwx------  2 greg    greg    4096 2009-06-09 11:41 .ssh
> $ ll -a ~greg/../.ssh
> -rw-r--r-- 1 greg greg 604 2009-06-09 11:41 authorized_keys
> and
> $ ll -a ~greg/
> drwx------ 2 greg greg 4096 2009-06-09 11:35 .ssh
> $ ll -a ~greg/.ssh
> -rw-r--r-- 1 greg greg  603 2009-06-09 11:35 authorized_keys
>
> However when I try to log on as this user I am asked for my login
> password and not the one in authorized_keys.
>
> sftp -v gives this:
> debug1: Unspecified GSS failure.  Minor code may provide more
> information
> No credentials cache found
> debug1: Unspecified GSS failure.  Minor code may provide more
> information
> No credentials cache found
> debug1: Unspecified GSS failure.  Minor code may provide more
> information
> debug1: Next authentication method: publickey
> debug1: Trying private key: /home/greg/.ssh/id_rsa
> debug1: Offering public key: /home/greg/.ssh/id_dsa
> debug1: Authentications that can continue:
> publickey,gssapi-with-mic,password
> debug1: Next authentication method: password
>
> Am I doing something wrong?

Yes, you are. It seems reasonably clear from the above that you're  
fumbling in the dark. But that's OK - we've all been there. However,  
you're trying to setup scponlyc when you don't yet have a solid ssh  
setup - walk before you run and all that.

> Or does anyone have any pointers?

Rather than repeat what's out there, I'd simply suggest reading  
something like
http://suso.org/docs/shell/ssh.sdf  and when you are able to connect  
from A to B using ssh keys, then read something like  http://orangespike.ca/?q=node/79

Niall