Track down problem with access to display 0.0
Nalin Dahyabhai
nalin at redhat.com
Wed Jul 28 19:24:11 UTC 2004
On Wed, Jul 28, 2004 at 05:06:04AM -0500, Harry Putnam wrote:
> Nalin Dahyabhai <nalin at redhat.com> writes:
> > Please double-check the permissions on the respective users' ~/.ssh
> > directories and ~/.ssh/authorized_keys files. Both should be readable
> > by root, and neither should be group-writable.
>
> ssh writes the *.pub keys at 644 itself
>
> A ssh -vv would have revealed those kinds of problems...
> ls -l .ssh
> total 36
> -rw-r--r-- 1 reader reader 4298 Jul 25 17:06 authorized_keys
> -rw-r--r-- 1 reader reader 3600 Mar 4 06:01 authorized_keys~
[snip]
What are the permissions on /root/.ssh and /root/.ssh/authorized_keys?
> >> and any xterm I open and type `ssh-agent --list' responds with:
> >>
> >> SSH_AUTH_SOCK=/tmp/ssh-ZLkKhp5346/agent.5346; export SSH_AUTH_SOCK;
> >> SSH_AGENT_PID=5347; export SSH_AGENT_PID;
> >> echo Agent pid 5347;
> >>
> >> [..]
> >
> > I don't think this does what you think it does. Try 'ssh-add -l' to
> > query the list of keys which your current agent holds.
>
> I think it does... All I expected it to show was that the instant
> xterm knows the ssh-agent pid and hence which socket to talk to.
I believe you're mistaken -- that launched a new copy of ssh-agent.
> Further I know for certain any xterm I start in my desktop can handle
> a remote ssh login under agent control because I do it constantly. If
> the agent wasn't running then sshing to remote mach fwobsd would
> result in a login prompt but does not. Either from $user or root
> account. But just for good measure:
>
> ssh-add -l
> 1024 96:c0:59:ac:53:56:21:3c:6c:33:36:30:00:e1:b7:50 /home/reader/.ssh/id_rsa (RSA)
> 1024 f2:5c:c8:20:6a:3b:33:1e:35:45:c9:3d:6d:18:42:e2 /home/reader/.ssh/id_dsa (DSA)
Are you able to connect to the root account remotely using pubkey
authentication?
Nalin
More information about the fedora-test-list
mailing list