SSH keys for root

Silent Bob · 15 Mar 2007 at 13:23

I've spent all morning tying to log in to a redhat machine with the root user using a key generated by ssh-keygen. It all works fine for a non root user so there must be some setting blocking root. I'm also able to ssh in as root fine without the key (by entering the password).

One of the things i've tried is to copy the authroizedkeys2 file from the user i've got it working on to root/.ssh/ to make sure there's no typo's.

The funny thing is that it used to work and I don't recall of doing anything to change this.

Can anyone think of any settings that would stop it working that I can take a look at?

Cheers

Silent Bob · 15 Mar 2007 at 14:24

Thanks for the reply.
I've checked the permissions on all the files and everything there is fine. When running the ssh client -vvv I get the following:

Code:

debug1: Offering public key: /root/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: userauth_kbdint: disable: no info_req_seen
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred:
debug3: authmethod_is_enabled password
debug1: Next authentication method: password

I've read through it and couldn't realy see anything helpful. Unfortunately I'm unable to run sshd in the foreground as loads of other people use it and will get loads of angry people coming over if I cut them off

I've been reading that the /etc/securetty file says how root can login. But I guess if there was a problem there I wouldn't be able to login with root using ssh at all.

Silent Bob · 15 Mar 2007 at 15:59

This i getting crazy now.

I've copied the authorized_keys file into .ssh/ for another user and connecting to that user works fine. Then I copied the sshd_conf file onto another machne and tried connecting to root on there. Again that works fine. I think I can rule out anything in the sshd_conf file, and anything to do with the key files or authorized_keys file. The only other thing I can think of is there must be some obscure security configuration file somewhere which disables ssh keys for the root user, but not by logging in using a password.

I've also tired connecting with a ssh client from windows using the same private key (the public key is in both the normal users and roots authorized_keys files). There i'm able to connect to a non root user but when I connect using root i get "Server refused our public key"

Silent Bob · 15 Mar 2007 at 16:15

kiwi said:
are you sure the server is accepting ssh root logins? it's not uncommon to have it disabled.

I'm able to log in using ssh as root by typing in the pasword no problem at all.

Silent Bob · 15 Mar 2007 at 16:53

The only ssd_config I could find was in /etc/ssh/ I'm sure it's not a problem with sshd as it was working a few weeks back and the configuration file hasn't been changed for years.