[lug] stupid ssh config question

Steven A Hart steven.hart at colorado.edu
Thu Jun 15 10:13:33 MDT 2017 

Alan,  I have "PermitRootLogin" set to yes.  I know it's not an ideal thing
to allow root login over ssh but there are times that I need it.  I have
all SSH blocked from the outside world via the CU firewall so it's fairly
safe,

Steve

On Thu, Jun 15, 2017 at 10:10 AM, Alan Robertson <alanr at unix.sh> wrote:

>
> Normally root is disabled to come in by SSH. I forget the option name but
> it's something like allow root.
> --
>   Alan Robertson
>   alanr at unix.sh
>
>
>
> On Thu, Jun 15, 2017, at 10:02 AM, Steven A Hart wrote:
>
> I feel stupid even asking this but I have not had enough coffee yet and my
> brain does not want to see where I screwed up.
>
> Simle setup:  one server, one client.  I wanted to set it so that the root
> user on the server can ssh to the client root user without a password
> required.
>
> So on the server I generated the keys resulting in id_rsa and id_rsa.pub
> being created.  I moved  id_rsa.pub to authorized_keys and copied that over
> to the root account on the client in /root/.ssh.  Sure enough, the ssh
> works from server to client without password.
>
> The problem now is that when I ssh from anywhere to the server as either
> root or my admin account, I get:
>
> Permission denied (publickey).
>
> I know I made a stupid mistake somewhere, I just need someone to point and
> say "look there stupid!"
>
> Cheers
>
> Steve
>
> --
> Steve Hart
> Systems Administrator
> Colorado Center for Astrodynamics Research
> University of Colorado Boulder
> Steven.Hart at colorado.edu
> (303)492-8109 <(303)%20492-8109>
> *_______________________________________________*
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
>
>


-- 
Steve Hart
Systems Administrator
Colorado Center for Astrodynamics Research
University of Colorado Boulder
Steven.Hart at colorado.edu
(303)492-8109
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20170615/e3b3fa15/attachment.html>

More information about the LUG mailing list