Tags Tags

Bug#633526: vserver kernel breaks ssh public_key authentication on NFS

July 11th, 2011 - 11:40 pm ET by Ben Hutchings | Report spam
Help Create a new topic

Does anyone understand this problem or have an idea of how to
investigate it?

Ben.

From: Harald Dunkel <harald.dunkel@aixigo.de>
Reply-to: Harald Dunkel <harald.dunkel@aixigo.de>, 633526@bugs.debian.org
To: submit@bugs.debian.org
Subject: Bug#633526: vserver kernel breaks ssh public_key authentication on NFS
Date: Mon, 11 Jul 2011 09:19:24 +0200

Package: linux-image-2.6-vserver-amd64
Version: 2.6.32+29


If I use the vserver kernel on a remote host, then I
cannot login via ssh and public_key authentication. AFAICS
the access rights to my authorized_keys file get corrupted.

Before I try to login it shows on the remote host:

# ls -l /home/hdunkel/.ssh/authorized_keys
-rw- 1 hdunkel users 1406 Jun 15 14:34 authorized_keys


When I try to login I am asked for a password (although
authorized_keys is set correctly). After this attempt I
see on the remote host:

# ls -al /home/hdunkel/.ssh/authorized_keys
-rw- 1 4294967294 4294967294 1406 Jun 15 14:34 authorized_keys

"sshd -d" shows that sshd doesn't like this.

Using the regular Squeeze kernel without vserver patch
there is no such problem.

/home is mounted via NFS:

# cat /proc/mounts | grep /home
nfs-home:/space/home /home nfs4 rw,relatime,vers=4,rsize=1048576,wsize=1048576,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=172.19.96.103,minorversion=0,addr=172.19.96.215 0 0

The NFS server runs Squeeze, too.


Regards

Harri









To UNSUBSCRIBE, email to debian-bugs-dist-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
email Follow the discussionReplies 2 repliesReplies Make a reply

Replies

#1 Herbert Poetzl
July 12th, 2011 - 05:10 pm ET | Report spam
On Tue, Jul 12, 2011 at 04:27:55AM +0100, Ben Hutchings wrote:
Does anyone understand this problem or have an idea of how to
investigate it?



I do not really understand the problem (yet) here are some
questions:

- NFS server is Linux-VServer patched? (yes, no)
if so then:
+ NFS server has NFS tagging enabled? (yes, no)
+ filesystem exported is tagged? (yes, no)
if so then:
* what tagging and what filesystem is used?

- NFS client is Linux-VServer patched? (yes, no)
+ if so then NFS client has NFS tagging enabled? (yes, no)

thanks in advance,
Herbert

Ben.

From: Harald Dunkel
Reply-to: Harald Dunkel ,
To:
Subject: Bug#633526: vserver kernel breaks ssh public_key authentication on NFS
Date: Mon, 11 Jul 2011 09:19:24 +0200

Package: linux-image-2.6-vserver-amd64
Version: 2.6.32+29


If I use the vserver kernel on a remote host, then I
cannot login via ssh and public_key authentication. AFAICS
the access rights to my authorized_keys file get corrupted.

Before I try to login it shows on the remote host:

# ls -l /home/hdunkel/.ssh/authorized_keys
-rw- 1 hdunkel users 1406 Jun 15 14:34 authorized_keys


When I try to login I am asked for a password (although
authorized_keys is set correctly). After this attempt I
see on the remote host:

# ls -al /home/hdunkel/.ssh/authorized_keys
-rw- 1 4294967294 4294967294 1406 Jun 15 14:34 authorized_keys

"sshd -d" shows that sshd doesn't like this.

Using the regular Squeeze kernel without vserver patch
there is no such problem.

/home is mounted via NFS:

# cat /proc/mounts | grep /home
nfs-home:/space/home /home nfs4 rw,relatime,vers=4,rsize48576,wsize48576,namlen%5,hard,proto=tcp,port=0,timeo`0,retrans=2,sec=sys,clientaddr2.19.96.103,minorversion=0,addr2.19.96.215 0 0

The NFS server runs Squeeze, too.


Regards

Harri










To UNSUBSCRIBE, email to
with a subject of "unsubscribe". Trouble? Contact

Similar topics

Make your own search :