Hello everyone,
Let's discuss how to troubleshoot the following error when trying to log in remotely using passwordless SSH.
"sshd[22107]: Authentication refused: bad ownership or modes for directory"
One user from the development team was trying to run a Perl script, and while executing it he was getting permission denied and being prompted for a password (in a passwordless authentication environment).
When the user executed the Perl script, he got the following message:
please authenticate for oracle|Authenticated with
partial success|Permission denied (keyboard-interactive,password
So I decided to check the /var/log/authlog file for any clue. After checking the file, I found the following line in authlog:
sshd[20856]: Authentication refused: bad ownership or modes for directory /home/oracle
This clue indicates that the ownership or mode of the home directory was not set correctly. When I checked, I found that the ownership was correct but the permissions on the home directory were not. The "/home/oracle" directory was group writable, and this was causing the error "sshd[22107]: Authentication refused: bad ownership or modes for directory".
So here are the steps I performed to correct this error:
#chmod g-w /home/oracle
#ls -ld /home/oracle
#Linux: /home/oracle# ls -ld /home/oracle
drwxr-x--- 2 oracle dba 4096 Nov 3 2017 /home/oracle
So the important thing here is that the home directory must not be group writable.
After removing write permission from the group, the development user was able to execute the Perl script successfully and log in without a password.
Some other prerequisites for passwordless SSH configuration are listed below:
1. User home directory permission: 755 and correct ownership
2. .ssh: 700 and correct ownership
3. authorized_keys: 600 and correct ownership
4. Correct public key at both source and destination server
Thanks !!!!!!!!!!!
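The checks above can be run in one pass before touching anything. The script below is an added example, not part of the original post: it reports any of the home directory, .ssh or authorized_keys that is group- or world-writable or not owned by the account (or root), which are the conditions behind "bad ownership or modes" rather than the exact modes in the list. The function names check_path and check_ssh_perms are hypothetical.

```shell
#!/bin/sh
# Added example: audit the paths checked for "bad ownership or modes".
# Usage (as root): check_ssh_perms /home/oracle oracle
# Prints one line per problem and returns 1 if any problem was found.

check_path() {
    path=$1 owner=$2
    [ -e "$path" ] || { echo "MISSING  $path"; return 1; }
    rc=0
    # Group or other write bit set: the condition fixed with chmod g-w above.
    if [ -n "$(find "$path" -prune \( -perm -020 -o -perm -002 \) -print)" ]; then
        echo "WRITABLE $path (group/other write bit set)"
        rc=1
    fi
    # Owner must be the account itself or root (uid 0).
    if [ -z "$(find "$path" -prune \( -user "$owner" -o -user 0 \) -print)" ]; then
        echo "OWNER    $path (not owned by $owner or root)"
        rc=1
    fi
    return $rc
}

check_ssh_perms() {
    home=$1 owner=$2 status=0
    for p in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        check_path "$p" "$owner" || status=1
    done
    return $status
}
```

A clean run prints nothing and returns 0; each reported line names the path to fix with chmod or chown.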