Heisenbug with Fedora 8, selinux, and SSH public keys
Ben Scott
dragonhawk at gmail.com
Wed Feb 20 02:32:11 EST 2008
This is an FYI.
On my newish Fedora 8 install. One issue I had is that I can't SSH
in and authenticate using public keys. I get prompted for a password.
Password login works. Just not public key authentication. I can SSH
out with pubkeys, not in, though. Same home directory (multi-boot;
shared disk partition) works fine on Fedora 6. Server syslog logs
don't indicate anything helpful, even with the sshd log level cranked
up to DEBUG3. "ssh -vvv" also didn't yield any clues. Reproduces
with stock sshd_config file as well as the one I was using on Fedora
6.
Poking around on the web, I find someone suggesting running SSH in
foreground debug mode with "sshd -d". Grasping for straws, I try
that. And *the problem goes away*. That's right, when running
normally, it doesn't work; when running in debug mode, it works fine.
Heisenbug. <whimper>
I eventually discover that running "/sbin/restorecon ~bscott ;
/sbin/restorecon -r ~bscott/.ssh" fixes the issue. Apparently SELinux
labeling wasn't right for something. What I still don't get is why
running sshd in debug mode made it work.
Submitted for your approval.
/cue "Twilight Zone" theme
-- Ben
More information about the gnhlug-discuss
mailing list