Sam Varshavchik wrote on 26-NOV-2019 14:09:36.69
Jouk Jansen writes:
> Hi All,
>
> I'm trying to setup an ssh-server on F31 which logs a user in without a
> password, but with a key-exchange. I generated all the keys and placed them
> in the right locations. It still asks for the password.
>
> Than comes the strange : I stoped the service by "systemctl stop sshd" and
> did run "as root" /usr/sbin/sshd. And than it just worked. (tried to stop
> and start with systemctl again made the passwordless login fail again)
>
> Question : why does is work with just running "/usr/sbin/sshd" but not
with
> "systemctl start sshd" ?
Perhaps the actual command and set up, from sshd.service, will offer a clue:
EnvironmentFile=-/etc/crypto-policies/back-ends/opensshserver.config
EnvironmentFile=-/etc/sysconfig/sshd-permitrootlogin
EnvironmentFile=-/etc/sysconfig/sshd
ExecStart=/usr/sbin/sshd -D $OPTIONS $CRYPTO_POLICY $PERMITROOTLOGIN
That's what systemctl start sshd does.
/etc/crypto-policies/back-ends/opensshserver.config is the default file of
the system.
/etc/sysconfig/sshd-permitrootlogin does not exists (and we do not try to
logon as root anyway.
/etc/sysconfig/sshd : In this file the CRYPTO_POLICY= line is uncommented to
allow for more cyphers. (I try to connect from a machine with not the newest
cyphers (yes I know the risk))
It used to work on a F30 system, which crashed and is now fresh installed
with F31. Can it be that I have to add more cyphers to the
/etc/ssh/sshd_conf files? (the public key from the client machine starts
with : ssh-rsa)
Regards
Jouk
Pax, vel iniusta, utilior est quam iustissimum bellum.
(free after Marcus Tullius Cicero (106 b.Chr.-46 b.Chr.)
Epistularum ad Atticum 7.1.4.3)
Touch not the cat bot a glove
------------------------------------------------------------------------------<
Jouk Jansen
joukj(a)hrem.nano.tudelft.nl
Technische Universiteit Delft tttttttttt uu uu ddddddd
Kavli Institute of Nanoscience tttttttttt uu uu dd dd
Nationaal centrum voor HREM tt uu uu dd dd
Lorentzweg 1 tt uu uu dd dd
2628 CJ Delft tt uu uu dd dd
Nederland tt uu uu dd dd
tel. 31-15-2782272 tt uuuuuuu ddddddd
------------------------------------------------------------------------------<