
Re[3]: [cobalt-security] ssh authorized_keys problem on cobalt raq4r



Sorry for filling up the sec list, but I found the solution for this:

 - the homedir does not have write access for group or others
 - the .ssh dir is chmod 700
 - all the files in the .ssh dir are chmod 600


-------------
Hi Eugene!

Made the trick, but I still have the same problem. The key is there
and everything is just working as root. This is a putty-win snip, but the
same msgs from *UX servers.

--- snip ---

Looking up host "HOSTNAME"
Connecting to 000.000.000.000 port 22
Server version: SSH-1.99-OpenSSH_3.4p1
We claim version: SSH-1.5-PuTTY-Release-0.53
Using SSH protocol version 1
Received public keys
Host key fingerprint is:
      1024 33:6c:09:da:d7:a9:db:ce:10:78:59:63:2c:46:2b:54
Encrypted session key
Using 3DES encryption
Trying to enable encryption...
Successfully started encryption
Sent username "USER"
Pageant is running. Requesting keys.
Pageant has 1 SSH1 keys
Trying Pageant key #0
This key matches configured key file
Key refused
USER@HOSTNAME's password:

--- snip ---


thx, christoph jäger

--------------------

On Mon, 2003-01-20 at 18:06, Christoph Jäger wrote:
> Hi all!
> 
> OpenSSH Release 3.4p1-PM4 from pkgmaster.com
> 
> Today I just tried to ssh-login to the box authorized_keys. I just
> have a "small" problem here: with user root it is working fine, but
> with all other users it is not working. I created the dir in the home
> dir and placed pub key into authorized_keys:
> /home/sites/siteXX/users/USERNAME/.ssh/authorized_keys
> 
> At login the box is always asking for the user's password - it's not the
> key's password, it's the user's pwd. I also compared the configs with my other
> servers (no cobalt), and I didn't find any reasonable differences.
> 
> Some cobalt hole? Some special config?

It's a Cobalt "speciality".  Home dirs of users are created
group-writable, which is considered insecure by ssh (another user in your
group is able to replace .ssh in your home with one containing her
authorized_keys and thus steal your identity).

Manually "chmod g-w $HOME" and you'll be able to login.

Eugene

_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security
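
The three conditions listed at the top of this message, written as a check that can be run against a user's home directory. This is an added example, not part of the original thread; `mode_of` and `check_ssh_perms` are hypothetical helper names, and the function tests exactly the modes the post lists rather than reproducing sshd's own logic.

```shell
# Added example: audit the three permission conditions listed in the post.
# mode_of and check_ssh_perms are hypothetical helpers, not part of OpenSSH.

# Print the 10-character mode string (e.g. drwx------) for a path.
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# Return 0 if HOME_DIR meets all three conditions, 1 otherwise.
# Each failing path is reported on stdout.
check_ssh_perms() {
    home=$1
    rc=0

    # 1. Home dir: no write bit for group (char 6) or others (char 9).
    m=$(mode_of "$home")
    gw=$(printf '%s' "$m" | cut -c6)
    ow=$(printf '%s' "$m" | cut -c9)
    if [ "$gw" = "w" ] || [ "$ow" = "w" ]; then
        echo "FAIL $m $home (group/other writable: chmod go-w)"
        rc=1
    fi

    # 2. The .ssh directory must be exactly mode 700.
    if [ ! -d "$home/.ssh" ]; then
        echo "FAIL missing $home/.ssh"
        return 1
    fi
    m=$(mode_of "$home/.ssh")
    if [ "$m" != "drwx------" ]; then
        echo "FAIL $m $home/.ssh (chmod 700)"
        rc=1
    fi

    # 3. Every regular file in .ssh (dotfiles included) must be mode 600.
    for f in "$home"/.ssh/* "$home"/.ssh/.[!.]*; do
        [ -f "$f" ] || continue
        m=$(mode_of "$f")
        if [ "$m" != "-rw-------" ]; then
            echo "FAIL $m $f (chmod 600)"
            rc=1
        fi
    done
    return $rc
}
```

Call it as `check_ssh_perms /home/sites/siteXX/users/USERNAME`; a group-writable home directory, the Cobalt default described above, is reported by the first check.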
