ssh public key authentification

[Parker Anderson]

Hello Christian,

On 1/18/07, Christian Baer <christian.baer at uni-dortmund.de> wrote:
> Hi peeps!
>
> This may not seem to be a real FreeBSD-issue, but I've gotten this to
> run on several other machines, just not my Sun running FreeBSD. To
> clarify this: I haven't really tried this on any other FreeBSD system
> recently though. I'm probably just to thick to get it right, so go ahead
> and insult me, if you see the flaw in my scheme. :-)
>
> The main idea behind my evil plan is to be able to log into my other
> computers on the net (LAN) using PuTTY on a Windows-XP box without
> having to type my password all the time. Don't worry about the security
> aspect if my key could be stolen, I have taken other measures to avoid
> that.
>
> The whole thing should be pretty trivial: I created a key using PuTTY,
> copied the public key to ~/.ssh/authorized_keys (everthing in one line),
> chose the private key in PuTTY and tried to log in. All I got in
> response was: "Server refused out key."

Have you verified the permissions of the authorized_keys file on the
server?  If you have permissions set too loose (e.g. unneeded
read/write permission to groups/other users), sshd may be refusing to
trust that file.

> I went through all the default settings of the sshd (and yes, I did give
> it a HUP, when I changed the key) and everything checked out as far as I
> could tell. I had the feeling that PuTTY and the key created by it were
> the cause, so I created a key with ssh-keygen(1). Same result.
>
> What did I miss?

If the file permissions seem to be OK, you may want to check for sshd
entries in /var/log to see if there is a more verbose error available.

You may wish to give this a read (it mostly just covers those points):
http://www.freebsddiary.org/ssh-authorized-keys.php

Sincerely,
-Parker