For When You Can't Have The Real Thing
[ start | index | login ]
start > CentOS > 6 > ssh > SElinux SSH Pubkey Bug

SElinux SSH Pubkey Bug

Created by dave. Last edited by dave, 5 years and 308 days ago. Viewed 1,610 times. #1
[edit] [rdf]
labels
attachments
(14 February 2013)

Problem

CentOS 6 is not accepting pubkey login attempts.

Solution

SElinux has a bug which rejects the credentials when it is set to Enforcing mode.

To fix, either

  • disable SElinux; or
  • apply the correct SElinux context as follows:
[root@node01 ~]# ssh root@node02 'restorecon -R -v /root/.ssh'
restorecon reset /root/.ssh context system_u:object_r:ssh_home_t:s0->system_u:object_r:home_ssh_t:s0
restorecon reset /root/.ssh/authorized_keys context unconfined_u:object_r:ssh_home_t:s0->system_u:object_r:home_ssh_t:s0

(>>Source)

no comments | post comment
This is a collection of techical information, much of it learned the hard way. Consider it a lab book or a /info directory. I doubt much of it will be of use to anyone else.

Useful:


snipsnap.org | Copyright 2000-2002 Matthias L. Jugel and Stephan J. Schmidt