ssh got denied access to user's ~/.ssh
Posted: Fri Mar 17, 2017 3:45 pm
title: ssh got denied access to user's ~/.ssh
---
( BTW, also if I try plain ssh:
Why? Have a look:
This hasn't happened yet. It just right now happened. I did notice some "hesitant" behavior by RBAC in my system. Maybe I'm doing something wrong, don't know.
Posting this just in case it doesn't go away...
---
- Code: Select all
$ sftp [email protected]
Could not create directory '/home/miro/.ssh'.
The authenticity of host 'rovis.org (178.218.165.68)' can't be established.
ECDSA key fingerprint is SHA256:eIcir/AUnSb9d8SQN6emaaWugNFyGOZnxC9dPB6RfVk.
Are you sure you want to continue connecting (yes/no)? y
Please type 'yes' or 'no': yes
Failed to add the host to the list of known hosts (/home/miro/.ssh/known_hosts).
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
Couldn't read packet: Connection reset by peer
$
( BTW, also if I try plain ssh:
- Code: Select all
$ ssh [email protected]
...[basically same]...
Why? Have a look:
- Code: Select all
Mar 17 20:24:00 g0n kernel: [386022.331916] grsec: (miro:U:/usr/bin/sftp) exec of /usr/bin/sftp (sftp [email protected] ) by /usr/bin/sftp[bash:32251] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:9182] uid/euid:1000/1000 gid/egid:1000/1000
Mar 17 20:24:00 g0n kernel: [386022.334929] grsec: (miro:U:/usr/bin/ssh) exec of /usr/bin/ssh (/usr/bin/ssh -oForwardX11 no -oForwardAgent no -oPermitLocalCommand no -oClearAllForwardings yes -l rovisnet -oProtocol 2 -s -- ) by /usr/bin/ssh[sftp:32252] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/sftp[sftp:32251] uid/euid:1000/1000 gid/egid:1000/1000
Mar 17 20:24:00 g0n kernel: [386022.345162] grsec: (miro:U:/usr/bin/ssh) denied access to hidden file /home/miro/.ssh by /usr/bin/ssh[ssh:32252] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/sftp[sftp:32251] uid/euid:1000/1000 gid/egid:1000/1000
Mar 17 20:24:00 g0n kernel: [386022.345181] grsec: (miro:U:/usr/bin/ssh) denied access to hidden file /home/miro/.ssh by /usr/bin/ssh[ssh:32252] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/sftp[sftp:32251] uid/euid:1000/1000 gid/egid:1000/1000
Mar 17 20:24:00 g0n kernel: [386022.345309] grsec: (miro:U:/usr/bin/ssh) denied access to hidden file /home/miro/.ssh/id_rsa by /usr/bin/ssh[ssh:32252] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/sftp[sftp:32251] uid/euid:1000/1000 gid/egid:1000/1000
Mar 17 20:24:00 g0n kernel: [386022.345344] grsec: (miro:U:/usr/bin/ssh) denied access to hidden file /home/miro/.ssh/id_rsa.pub by /usr/bin/ssh[ssh:32252] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/sftp[sftp:32251] uid/euid:1000/1000 gid/egid:1000/1000
Mar 17 20:24:00 g0n kernel: [386022.360133] grsec: more alerts, logging disabled for 10 seconds
Mar 17 20:24:11 g0n kernel: [386032.924301] grsec: (miro:U:/usr/bin/ssh) denied access to hidden file /home/miro/.ssh/known_hosts by /usr/bin/ssh[ssh:32252] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/sftp[sftp:32251] uid/euid:1000/1000 gid/egid:1000/1000
Mar 17 20:24:11 g0n kernel: [386032.982358] grsec: (miro:U:/usr/bin/ssh) denied access to hidden file /home/miro/.ssh/id_rsa by /usr/bin/ssh[ssh:32252] uid/euid:1000/1000 gid/egid:1000/1000, parent /usr/bin/sftp[sftp:32251] uid/euid:1000/1000 gid/egid:1000/1000
- Code: Select all
$ ls -lRa ~miro/.ssh/
/home/miro/.ssh/:
total 36
drwx------ 2 miro miro 4096 2017-03-17 20:23 .
drwxr-xr-x 41 miro miro 20480 2017-03-17 20:32 ..
-rw------- 1 miro miro 1766 2014-12-23 10:52 id_rsa
-rw-r--r-- 1 miro miro 390 2014-12-23 10:52 id_rsa.pub
-rw-r--r-- 1 miro miro 186 2017-02-21 18:30 known_hosts
$
This hasn't happened yet. It just right now happened. I did notice some "hesitant" behavior by RBAC in my system. Maybe I'm doing something wrong, don't know.
Posting this just in case it doesn't go away...