SSH klic projde az napotreti

Jan Kasprzak kas na fi.muni.cz
Středa Únor 6 09:54:52 CET 2013 

	Dobry den,

mam monitorovaci server, ktery se pripojuje na ruzne pocitace pres ssh
s klicem a spousti tam ruzne testy. Vse funguje jak ma, ale ted jsem si
vsiml, ze na jednom pocitaci se pri kazdem pristupu do logu vypisuje tohle:

Feb  6 09:45:04 myhost sshd[3409]: Authentication tried for root with correct key but not from a permitted host (host=monitoring.fi.muni.cz, ip=1.2.3.4).
Feb  6 09:45:04 myhost sshd[3409]: Authentication tried for root with correct key but not from a permitted host (host=monitoring.fi.muni.cz, ip=1.2.3.4).
Feb  6 09:45:04 myhost sshd[3409]: Accepted publickey for root from 1.2.3.4 port 45637 ssh2
Feb  6 09:45:04 myhost sshd[3409]: pam_unix(sshd:session): session opened for user root by (uid=0)
Feb  6 09:45:04 myhost sshd[3409]: Received disconnect from 1.2.3.4: 11: disconnected by user
Feb  6 09:45:04 myhost sshd[3409]: pam_unix(sshd:session): session closed for user root

A pokud si rucne spustim na tom monitorovacim stroji ssh -v, vypada relevantni
cast takto:

[...]
debug1: Offering public key: /home/monitoring/.ssh/nazev_ssh_klice
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions na openssh.com
debug1: Entering interactive session.
debug1: Remote: Your host 'monitoring.fi.muni.cz' is not permitted to use this key for login.
debug1: Remote: Port forwarding disabled.
debug1: Remote: X11 forwarding disabled.
debug1: Remote: Agent forwarding disabled.
debug1: Remote: Pty allocation disabled.
debug1: Remote: Forced command: /bin/prikaz
debug1: Remote: Your host 'monitoring.fi.muni.cz' is not permitted to use this key for login.
debug1: Remote: Port forwarding disabled.
debug1: Remote: X11 forwarding disabled.
debug1: Remote: Agent forwarding disabled.
debug1: Remote: Pty allocation disabled.
debug1: Remote: Forced command: /bin/prikaz
debug1: Sending environment.
debug1: Sending env LC_PAPER = cs_CZ.UTF-8
debug1: Sending env LC_COLLATE = cs_CZ.UTF-8
debug1: Sending env LANG = en_US.UTF-8
[...]

Takze server 2x vypise ze klic neni ze spravne IP adresy, ale napotreti
tentyz klic projde. Bez -v vse funguje jak ma, akorat na tom ssh serveru
se do logu zapise to dvoji neuspesne prihlaseni a pak jedno uspesne.

Delam neco spatne?

	Diky,

-Y.

-- 
| Jan "Yenya" Kasprzak  <kas at {fi.muni.cz - work | yenya.net - private}> |
| New GPG 4096R/A45477D5 - see http://www.fi.muni.cz/~kas/pgp-rollover.txt |
| http://www.fi.muni.cz/~kas/    Journal: http://www.fi.muni.cz/~kas/blog/ |
Please don't top post and in particular don't attach entire digests to your
mail or we'll all soon be using bittorrent to read the list.     --Alan Cox

Další informace o konferenci Linux