[gentoo-user] No access as normal user to my own.ssh-folder

[gentoo-user] No access as normal user to my own.ssh-folder

[Herbert Laubner]

I want to connect to another machine in my local network using ssh. Somehow I 
do not get it managed to write the fingerprint to the .ssh/known_hosts 
because of missing rights. 

herbert@windose ~ $ ssh 192.168.0.50
The authenticity of host '192.168.0.50 (192.168.0.50)' can't be established.
RSA key fingerprint is c5:1f:98:93:f3:30:01:b1:95:3e:30:40:47:ef:97:35.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts 
(/home/herbert/.ssh/known_hosts).
Password:
Last login: Wed Sep 26 20:37:42 2007 from 192.168.0.20
Welcome to Darwin!
rlbk-hmbg-de01:~ herbert$ exit
logout
Connection to 192.168.0.50 closed.

herbert@windose ~ $ ls -al /home/herbert/.ssh/
ls: Zugriff auf /home/herbert/.ssh/. nicht möglich: Keine Berechtigung
ls: Zugriff auf /home/herbert/.ssh/known_hosts nicht möglich: Keine 
Berechtigung
ls: Zugriff auf /home/herbert/.ssh/.. nicht möglich: Keine Berechtigung
insgesamt 0
d????????? ? ? ? ?             ? .
d????????? ? ? ? ?             ? ..
d????????? ? ? ? ?             ? known_hosts

I think, it has to be a stupid mistake. I did 
windose ~ # chown herbert /home/herbert/.ssh 
windose ~ # chgrp users /home/herbert/.ssh 

but this did not help??

Regards
Herbert
--
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] No access as normal user to my own.ssh-folder

[Elias Probst]

[-- Attachment #1: Type: text/plain, Size: 727 bytes --]

Am Mittwoch, 26. September 2007 20:59:55 schrieb Herbert Laubner:
> I think, it has to be a stupid mistake. I did
> windose ~ # chown herbert /home/herbert/.ssh
> windose ~ # chgrp users /home/herbert/.ssh
>
> but this did not help??

Do a 'chown -R herbert:users ~/.ssh' because your executed command didn't 
change the permissions of the files inside of the directory, just the 
permissions of the directory itself.

Keep in mind that your directory and the files inside need the following 
permissions:

- rw-------

So just do a 'chmod -R u+rw ~/.ssh && chmod -R go-rwx ~/.ssh' and you should 
be fine.

Regards, Elias P.

-- 
A really nice number:
"09:F9:11:02:9D:74:E3:5B:D8:41:56:C5:63:56:88:C0"

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

Re: [gentoo-user] No access as normal user to my own.ssh-folder

[Mick]

[-- Attachment #1: Type: text/plain, Size: 1785 bytes --]

On Wednesday 26 September 2007, Herbert Laubner wrote:
> I want to connect to another machine in my local network using ssh. Somehow
> I do not get it managed to write the fingerprint to the .ssh/known_hosts
> because of missing rights.
>
> herbert@windose ~ $ ssh 192.168.0.50
> The authenticity of host '192.168.0.50 (192.168.0.50)' can't be
> established. RSA key fingerprint is
> c5:1f:98:93:f3:30:01:b1:95:3e:30:40:47:ef:97:35. Are you sure you want to
> continue connecting (yes/no)? yes
> Failed to add the host to the list of known hosts
> (/home/herbert/.ssh/known_hosts).
> Password:
> Last login: Wed Sep 26 20:37:42 2007 from 192.168.0.20
> Welcome to Darwin!
> rlbk-hmbg-de01:~ herbert$ exit
> logout
> Connection to 192.168.0.50 closed.
>
> herbert@windose ~ $ ls -al /home/herbert/.ssh/
> ls: Zugriff auf /home/herbert/.ssh/. nicht möglich: Keine Berechtigung
> ls: Zugriff auf /home/herbert/.ssh/known_hosts nicht möglich: Keine
> Berechtigung
> ls: Zugriff auf /home/herbert/.ssh/.. nicht möglich: Keine Berechtigung
> insgesamt 0
> d????????? ? ? ? ?             ? .
> d????????? ? ? ? ?             ? ..
> d????????? ? ? ? ?             ? known_hosts
>
> I think, it has to be a stupid mistake. I did
> windose ~ # chown herbert /home/herbert/.ssh
> windose ~ # chgrp users /home/herbert/.ssh
>
> but this did not help??

I cannot see what your access rights are (all I got was "?" as shown above).  
Add -r to chgrp to recursively change the files under it.  Finally, if the 
character "d" is correct for directory, then your known_hosts is not a file 
as it should be, but perhaps by mistake you created it as a directory and 
have not adapted your ssh_config, or ~/.ssh/config to reflect that.

HTH.
-- 
Regards,
Mick

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

Re: [gentoo-user] No access as normal user to my own.ssh-folder

[Alan McKinnon]

On Wednesday 26 September 2007, Herbert Laubner wrote:
> I want to connect to another machine in my local network using ssh.
> Somehow I do not get it managed to write the fingerprint to the
> .ssh/known_hosts because of missing rights.
>
> herbert@windose ~ $ ssh 192.168.0.50
> The authenticity of host '192.168.0.50 (192.168.0.50)' can't be
> established. RSA key fingerprint is
> c5:1f:98:93:f3:30:01:b1:95:3e:30:40:47:ef:97:35. Are you sure you
> want to continue connecting (yes/no)? yes
> Failed to add the host to the list of known hosts
> (/home/herbert/.ssh/known_hosts).
> Password:
> Last login: Wed Sep 26 20:37:42 2007 from 192.168.0.20
> Welcome to Darwin!
> rlbk-hmbg-de01:~ herbert$ exit
> logout
> Connection to 192.168.0.50 closed.
>
> herbert@windose ~ $ ls -al /home/herbert/.ssh/
> ls: Zugriff auf /home/herbert/.ssh/. nicht möglich: Keine
> Berechtigung ls: Zugriff auf /home/herbert/.ssh/known_hosts nicht
> möglich: Keine Berechtigung
> ls: Zugriff auf /home/herbert/.ssh/.. nicht möglich: Keine
> Berechtigung insgesamt 0
> d????????? ? ? ? ?             ? .
> d????????? ? ? ? ?             ? ..
> d????????? ? ? ? ?             ? known_hosts

Ouch. That's file system corruption. You need to fsck that disk right 
now. I once saw similar stuff on a reiser filesystem and the only thing 
that helped was --rebuild-tree. Good luck on your end.

> I think, it has to be a stupid mistake. I did
> windose ~ # chown herbert /home/herbert/.ssh
> windose ~ # chgrp users /home/herbert/.ssh
>
> but this did not help??

Two reasons:

1. You only chowned the directory itself, not the files in it. What you 
probably wanted was

chown -R herbert:users /home/herbert/.ssh

2. The filesystem metadata is corrupt, so you wont be able to do 
anything in that directory anyway. 

alan


-- 
Optimists say the glass is half full,
Pessimists say the glass is half empty,
Developers say wtf is the glass twice as big as it needs to be?

Alan McKinnon
alan at linuxholdings dot co dot za
+27 82, double three seven, one nine three five
--
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] No access as normal user to my own.ssh-folder [SOLVED]

[Herbert Laubner]

>
> I cannot see what your access rights are (all I got was "?" as shown
> above). Add -r to chgrp to recursively change the files under it.  Finally,
> if the character "d" is correct for directory, then your known_hosts is not
> a file as it should be, but perhaps by mistake you created it as a
> directory and have not adapted your ssh_config, or ~/.ssh/config to reflect
> that.
>

I just deleted as root the .ssh folder and created it as normal user again, no 
it works!
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] No access as normal user to my own.ssh-folder

[Herbert Laubner]

> > d????????? ? ? ? ?             ? .
> > d????????? ? ? ? ?             ? ..
> > d????????? ? ? ? ?             ? known_hosts
>
> Ouch. That's file system corruption. You need to fsck that disk right
> now. I once saw similar stuff on a reiser filesystem and the only thing
> that helped was --rebuild-tree. Good luck on your end.

I hope it's not. I removed that .ssh folder as root and re-created it as 
normal user. Works (for now)

Herbert
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] No access as normal user to my own.ssh-folder

[Dan Farrell]

On Wed, 26 Sep 2007 21:21:26 +0200
Alan McKinnon <alan@linuxholdings.co.za> wrote:

> Ouch. That's file system corruption. You need to fsck that disk right 
> now. I once saw similar stuff on a reiser filesystem and the only
> thing that helped was --rebuild-tree. Good luck on your end.

Wrong!  In this case the user probably has execute permissions on the
directory so they can list the file names, but doesn't have read
permissions on the files in the directory, so ls can't list the
permissions, attributes, & so on.  

-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] No access as normal user to my own.ssh-folder

[Alan McKinnon]

On Thursday 27 September 2007, Dan Farrell wrote:
> On Wed, 26 Sep 2007 21:21:26 +0200
>
> Alan McKinnon <alan@linuxholdings.co.za> wrote:
> > Ouch. That's file system corruption. You need to fsck that disk
> > right now. I once saw similar stuff on a reiser filesystem and the
> > only thing that helped was --rebuild-tree. Good luck on your end.
>
> Wrong!  In this case the user probably has execute permissions on the
> directory so they can list the file names, but doesn't have read
> permissions on the files in the directory, so ls can't list the
> permissions, attributes, & so on.

Ah yes, you are right. I missed the 'd' in the 'd????????' part of the 
output, my bad.

If Herbert hasn't gotten this fixed yet, here are working permissions 
for the .ssh dirctory and contents;

alan@nazgul ~ $ ll -d /home/alan/.ssh/
drwx------ 2 alan alan 80 Feb 24  2007 /home/alan/.ssh//

alan@nazgul ~ $ ll /home/alan/.ssh/
total 13
drwx------  2 alan alan   80 Feb 24  2007 ./
drwxr-xr-x 96 alan alan 5088 Sep 27 09:01 ../
-rw-r--r--  1 alan alan 5229 Sep 10 22:44 known_hosts

alan


-- 
Optimists say the glass is half full,
Pessimists say the glass is half empty,
Developers say wtf is the glass twice as big as it needs to be?

Alan McKinnon
alan at linuxholdings dot co dot za
+27 82, double three seven, one nine three five
-- 
gentoo-user@gentoo.org mailing list