A bit early for [SOLVED], I think. On Sat 26 Mar 2016 at 12:08:37 (-0500), Tom Browder wrote: > On Fri, Mar 25, 2016 at 12:12 PM, Tom Browder <tom.brow...@gmail.com> wrote: > > I have installed Deb on my laptop and reused my old Deb 7 .ssh directory. > > > > I can now ssh into the existing remote servers but cannot ssh into my > > laptop from them (as a normal user)--I always get asked for a > > password. So the remote servers recognize my old Deb 7 keys, but > > apparently my laptop doesn't recognize the other servers' keys. > ... > I found this wonderful resource: > http://www.unixlore.net/articles/troubleshooting-ssh-connections.html > which helped me solve the problem. > > First, in file '/etc/ssh/sshd_config', I changed the line > StrictModes yes > to this > StrictModes no > and restarted the ssh server. As root: > # invoke-rc.d ssh restart > Then I attempted the ssh login and it worked!
Not such a wonderful resource if it is so easily misunderstood. The idea is to fix the permissions, not make your installation less secure. > Base on the comments from jvp, I looked closer at my home directory on > the laptop and, sure enough, the permissions were too loose (first I > have ever heard of that, but then again I haven't looked at 'man ssh' > in many years). Note that I have for all the years after ssh came > along been setting the .ssh permissions correctly, but I've never run > into a problem with the home directory. In fact, when I was working > at our office on site (up until the end of 2008), we commonly allowed > read access between user directories but ssh still worked. > > But after setting the home directory permissions to 00700 and > restarting ssh, the login still didn't work! [...] > Then, in the upper widow, I saw the problem. Directory '/usr/local', > under which my .ssh directory is actually located, was reported to > have bad permissions: > > Authentication refused: bad ownership or modes for directory /usr/local > > I checked and they were, surprisingly: > > # ls -ld /usr/local > drwxrwsr-x 31 root staff 4096 Mar 24 07:37 /usr/local > > I don't know how that happened, but it must have happened during the > upgrade two days ago when I continued to use my original partition > mounted as '/usr/local' which was not supposed to have been touched. I don't know what happened long before that! When did /usr/local become your home directory? > Anyway, as root, I fixed the permissions back to what I think is correct: > > # chmod 00755 /usr/local > # ls -ld /usr/local > drwxr-xr-x 31 root staff 4096 Mar 24 07:37 /usr/local So now the system is degraded a bit more. The correct permissions, in fact the entire contents, are: $ ls -l /usr/ drwxr-xr-x 2 root root 81920 Mar 26 00:59 bin drwxr-xr-x 2 root root 4096 Apr 26 2015 games drwxr-xr-x 39 root root 16384 Feb 16 16:55 include drwxr-xr-x 156 root root 36864 Mar 14 07:16 lib drwxrwsr-x 10 root staff 4096 Oct 10 2012 local drwxr-xr-x 2 root root 12288 Mar 14 07:16 sbin drwxr-xr-x 319 root root 12288 Jan 20 19:22 share drwxr-xr-x 6 root root 4096 Mar 4 00:39 src $ ls -l /usr/local/ drwxrwsr-x 2 root staff 4096 Oct 10 2012 bin drwxrwsr-x 2 root staff 4096 Oct 10 2012 etc drwxrwsr-x 2 root staff 4096 Oct 10 2012 games drwxrwsr-x 2 root staff 4096 Oct 10 2012 include drwxrwsr-x 4 root staff 4096 Dec 15 2014 lib lrwxrwxrwx 1 root staff 9 Oct 10 2012 man -> share/man drwxrwsr-x 2 root staff 4096 Oct 10 2012 sbin drwxrwsr-x 10 root staff 4096 Aug 21 2015 share drwxrwsr-x 2 root staff 4096 Oct 10 2012 src $ So is this really the case as you said it was earlier: $ ls -l ~/.ssh/authorized_keys -rw------- 1 yourname yourname 3136 Jul 28 2015 /home/yourname/.ssh/authorized_keys $ grep yourname /etc/passwd yourname:x:1000:1000:Your Name,,,:/home/yourname:/bin/bash $ Cheers, David.
