diff options
| author |  http://joeyh.name/ <joey@web> | 2013-04-14 18:27:35 +0000 |
|---|---|---|
| committer |  admin <admin@branchable.com> | 2013-04-14 18:27:35 +0000 |
| commit | 3ade0a7897419485034848e77ae2eb4537048b4f (patch) | |
| tree | 728f2564d093a997ca583f52269b4a9f6620fba2 | |
| parent | 0aec4b8b60a4f424a94f25c1b2b706af978c1709 (diff) | |
Added a comment
| -rw-r--r-- | doc/bugs/The_restricted_ssh_key_pair_makes_password_login___40__nearly__41___impossible/comment_13_c9d6631c304acb289e485fb901e1f274._comment | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/doc/bugs/The_restricted_ssh_key_pair_makes_password_login___40__nearly__41___impossible/comment_13_c9d6631c304acb289e485fb901e1f274._comment b/doc/bugs/The_restricted_ssh_key_pair_makes_password_login___40__nearly__41___impossible/comment_13_c9d6631c304acb289e485fb901e1f274._comment new file mode 100644 index 000000000..083c1e5a2 --- /dev/null +++ b/doc/bugs/The_restricted_ssh_key_pair_makes_password_login___40__nearly__41___impossible/comment_13_c9d6631c304acb289e485fb901e1f274._comment @@ -0,0 +1,35 @@ +[[!comment format=mdwn + username="http://joeyh.name/" + nickname="joey" + subject="comment 13" + date="2013-04-14T18:27:35Z" + content=""" +This should not be a hard problem to debug. + +* You have a local client, and a remote server. +* The remote server has a `~/.ssh/authorized_keys` file that contains a public key that git-annex set up, which is restricted to only run \"command=git-annex-shell\". +* The local client has that key in `~/.ssh/key.git-annex-$hostname-$username` +* The local client is configured in `~/.ssh/config` to only use that key when sshing to the special hostname \"git-annex-$hostname-$username\" +* The problem is either on the client, or on the server. +* If the problem is on the client, then it must be, somehow, incorrectly sending the git-annex key to the server when you \"ssh $hostname\". You can see what keys it decides to send by looking at the messages it prints with -vvv : + +<pre> +joey@gnu:~>ssh -vvv git-annex-kitenet.net-joey +OpenSSH_6.0p1 Debian-4, OpenSSL 1.0.1e 11 Feb 2013 +debug1: Reading configuration data /home/joey/.ssh/config +debug1: /home/joey/.ssh/config line 3: Applying options for git-annex-kitenet.net-joey +debug1: Reading configuration data /etc/ssh/ssh_config +debug1: /etc/ssh/ssh_config line 19: Applying options for * +debug2: ssh_connect: needpriv 0 +debug1: Connecting to kitenet.net [80.68.85.49] port 22. +debug1: Connection established. +debug3: Incorrect RSA1 identifier +debug3: Could not load \"/home/joey/.ssh/key.git-annex-kitenet.net-joey\" as a RSA1 public key +debug1: identity file /home/joey/.ssh/key.git-annex-kitenet.net-joey type 1 +</pre> + +* If the problem is on the server, then it must be for some reason deciding to run `git-annex-shell` when you ssh in, + despite the client not sending it the special git-annex key. If this were the case, no change you made on the client could fix + the problem, but deleting `.ssh/authorized_keys` on the server probably would. + +"""]] |