Topic: SSH remote login oddity

[toothandnail]

My system is currently behind a dynamic IP, something I should be able to change fairly soon. However, in the meantime, I need access to a remote SME Server machine. To do this, I set up SSH access flowing the instructions here:

http://wiki.contribs.org/SSH_Public-Private_Keys#Installing_the_Public_Key_onto_the_Server

I already had the public/private key pair, and I have set the remote server manager to accept SSH connections from the internet, allow command line access, but not with normal passwords.

I added my public key to /root/.ssh/authorized_keys. Having done so, I can now log into the machine from here, which means I should be able to do the necessary admin work without too much compromise to its security.

I also added my public key to /home/e-smith/files/users/admin/.ssh/authorized_keys. However, any attempt to log in as admin results in an almost instant failure. The error I'm getting is this:

Code: [Select]

fang[~]$ ssh admin@mail.domain.co.uk
Permission denied (publickey).
I'm not even being prompted for my passphrase, so I'm not entirely sure whether the error is locally generated or comes from the remote server. As another test, I also copied my public key to /home/e-smith/files/users/paul/.ssh/auhorized_keys. If I attempt to login using that account, I get a different error:

Code: [Select]

fang[~]$ ssh paul@mail.domain.co.uk
Enter passphrase for key '/home/fang/.ssh/id_rsa':
Last login: Tue Apr 29 11:32:40 2008 from pc-00075.brillcomputers.co.uk
Connection to mail.brillcomputers.co.uk closed.
In this instance, I do get prompted for the passphrade, but the connection is closed immediately.

Initially, I tried setting the SSH access, but allowing log in with standard passwords. Decided that was too insecure to risk, so I changed it. However, before I changed it, I was able to log in as admin (in fact, I was able to login as admin, run the server manager and disable remote SSH access - suprised me a bit that it worked...). I didn't try logging in using my account name at that time.

Can anyone tell me what I have incorrectly set up, since I can no longer use an SSH login as admin? Also, from reading the wiki, I expected to be able to login from remote using just user@domain.co.uk. If I do that, the system simply sits. Logging in with user@mail.domain.co.uk works...

This is partially curiosity, since I don't expect to have to use this for very long, and I should be able to do all I need logged in as root. However, the behaviour seems a bit strange, so I wonder what I have failed to set up correctly.

paul

[cactus]

I'm not even being prompted for my passphrase, so I'm not entirely sure whether the error is locally generated or comes from the remote server. As another test, I also copied my public key to /home/e-smith/files/users/paul/.ssh/auhorized_keys. If I attempt to login using that account, I get a different error:

Don't know if this is an error as I had the same however it is easy to workaround. Log in as root and issue the following:

Code: [Select]

su admin

Edit: fixed command

[cactus]

I'm not even being prompted for my passphrase, so I'm not entirely sure whether the error is locally generated or comes from the remote server. As another test, I also copied my public key to /home/e-smith/files/users/paul/.ssh/auhorized_keys. If I attempt to login using that account, I get a different error:

Did you configure a shell for this user? You can make live much easier by installing the smeserver-remoteuseraccess contrib from smecontribs:

Code: [Select]

yum --enablerepo=smecontribs install smeserver-remoteuseraccess
More information: http://www.dungog.net/wiki/Smeserver-remoteuseraccess

[toothandnail]

Don't know if this is an error as I had the same however it is easy to workaround. Log in as root and issue the following:

Code: [Select]

sudo admin

Thanks for the quick response. Tried that, but I'm getting 'sudo: admin: command not found'

paul.

[toothandnail]

Did you configure a shell for this user? You can make live much easier by installing the smeserver-remoteuseraccess contrib from smecontribs:

Code: [Select]

yum --enablerepo=smecontribs install smeserver-remoteuseraccess
More information: http://www.dungog.net/wiki/Smeserver-remoteuseraccess

  Completely forgot. So 'paul' has no shell. I'll have to fix that.

I'll also try the contrib - sounds like it could make life much easier. Thanks.

paul.

[cactus]

Thanks for the quick response. Tried that, but I'm getting 'sudo: admin: command not found'

paul.

Oops:

Code: [Select]

su admin

[toothandnail]

Oops:

Code: [Select]

su admin

  Great, thanks. Works a treat. And is probably better than logging in as admin anyway.

One strange thing - guess its down to the recent update. The admin panel menu now seems to be lacking an exit option. I found that CTRL-ALT-BckSpace gets out of it, so its not major...

paul.

[cactus]

One strange thing - guess its down to the recent update. The admin panel menu now seems to be lacking an exit option. I found that CTRL-ALT-BckSpace gets out of it, so its not major...

Have another good look please (imnage taken from the Administration Manual found in the wiki)... at the bottom of the screen the most right button of the two reads 'Exit'... what would that be used for you think???