Thursday, November 24, 2016

Brocade SAN incoming SSH authentication not working - ssh login without password: wrong permissions on authorized_keys file

I have faced issue in FOS v7.4.1d that incoming SSH authentication (ssh login without password) did not work, even I have configured regarding to Brocade manual:
http://www.brocade.com/content/html/en/administration-guide/fos-741-adminguide/GUID-6FE6380F-52C8-4C5F-A69E-23EE7DB57E65.html 

The root cause of problem was in permissions on authorized_keys on Brocade SAN SW:

Login as root user:
ssh root@SANSW

Change directory to: /fabos/users/admin/.ssh
SANSW:root> cd /fabos/users/admin/.ssh

and list permisisons
SANSW:root> ls -la
total 32
drwxr-xr-x   2 root     admin        4096 Nov 13 17:27 ./
drwxr-xr-x   3 root     admin        4096 Sep  8 17:30 ../
-rw-r--r--   1 root     admin       10240 Nov 13 17:27 authorizedKeys.tar
-rw-------   1 root     admin         392 Nov 13 17:27 authorized_keys
-rw-------   1 root     admin         392 Nov 13 17:27 authorized_keys.admin
-rw-r--r--   1 root     admin         134 Jul 15 01:09 environment

Change permissions of authorized_keys.admin file for user admin:
SANSW:root> chmod g+r,a+r authorized_keys.admin
SANSW:root> ls -la
total 32
drwxr-xr-x   2 root     admin        4096 Nov 13 17:27 ./
drwxr-xr-x   3 root     admin        4096 Sep  8 17:30 ../
-rw-r--r--   1 root     admin       10240 Nov 13 17:27 authorizedKeys.tar
-rw-------   1 root     admin         392 Nov 13 17:27 authorized_keys
-rw-r--r--   1 root     admin         392 Nov 13 17:27 authorized_keys.admin
-rw-r--r--   1 root     admin         134 Jul 15 01:09 environment