Q: SSH Permissions
I know this has been done, but I can't find it either here or elsewhere.
I just reinstalled my SSH protocols after replacing a hard drive on the server and restoring (data only) from a Time Machine backup. I seemed to have to start the SSH process from scratch.
I have outlined the procedures (which I learned here) at ctlow.ca/SSH-VPN_MacOSX.html.
It worked, but when I log in from the client, it just goes through without asking for passwords. I think it asked for one password the first time, the private key(?) password, but it used to ask for that (in a little text box, echoed) every time, and then the server password(?) in Terminal itself, not echoed.
Now, neither of those are happening.
So, I found some notes I had made about this, and reset permissions to the .ssh folder as 700 and to the files inside it as 600, on both the server and the client.
It ends up looking like this:
ClientComputer:~ ClientID$ ls -ael .ssh
total 24
drwx------ 5 ClientID staff 170 11 Sep 15:24 .
drwxr-x-wx+ 24 ClientID staff 816 13 Sep 08:26 ..
0: group:everyone deny delete
-rw-------@ 1 ClientID staff 32 10 Feb 2012 config
-rw------- 1 ClientID staff 1766 11 Sep 15:11 id_rsa
-rw------- 1 ClientID staff 818 11 Sep 15:33 known_hosts
====
ServerComputer:~ ServerID$ ls -ael .ssh
total 16
drwx------ 4 ServerID staff 136 11 Sep 15:28 .
drwxr-xr-x@ 25 ServerID staff 850 11 Sep 15:30 ..
0: group:everyone deny delete
-rw------- 1 ServerID staff 416 11 Sep 15:28 authorized_keys
-rw------- 1 ServerID staff 391 11 Sep 15:26 known_hosts
I don't think that I'm particularly at risk, but I was happy with having to use two passwords to log into the SSH tunnel. Any idea why I'm being asked for no passwords now? (I did specify a password when generating the keys.)
Thank you.
Charles
P.S. The client is running 10.9, the server 10.11.
P.P.S. The info window for the client-user showed "shared folder" which I don't know how it got like that, and have unchecked the box. I doubt if that's related to my question.
iMac, OS X El Capitan (10.11.6)
Posted on Sep 16, 2016 2:11 PM