Re: Need to sftp with automatic login from 1 aix machine to another,

Pat Cornick wrote:
> Hi,
>
> I had a question and can not find out on the web where anyone might have
> done this. I am sftping
> between one AIX machine and another using automatic login. I have created
> the id_rsa.pub on the
> source server and added it to the /.ssh/authorized_keys file on the target
> server. The problem we
> are having seems to be that because the target id is a DCE(DFS) id and it's
> home directory is
> /fs/home/bondbpex instead of /home/bondbpex it can't find the
> /.ssh/authorized_keys file.

As long as getpwnam() and friends return the correct home dir that
should work.

> The
> permissions on the .ssh directory is 700 and the authorized_keys file is
> 600. Is this possible to be able
> to do this? Thanks for any help you can give me.

Is the home directory not mounted until the user presents a kerberos
ticket or a password that can get one? If so then sshd isn't going to
be able to read the authorized_keys file in the user's home dir.

What you can do is set AuthorizedKeysFile in sshd_config to point to a
local filesystem (eg /etc/ssh/keys or something) but that's a
system-wide parameter so it will affect all users. It would not be hard
to make the Match keyword in recent versions support AuthorizedKeysFile
but at the moment it doesn't.

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
http://lists.mindrot.org/mailman/lis...enssh-unix-dev