SSH Unexpectedly Not Prompting for Password
Lucas, Brandon
Brandon.Lucas at sscgp.com
Tue May 14 16:38:34 UTC 2013
Hi all -
I have a question about SSH that I can't seem to figure out. Here is the situation:
4 servers on RHEL 6.3
One server has a local account ("teddy"). SSH key pairs have been set up between this "teddy" account and the other 3 servers on a different local account common to the other 3 servers ("bear"), but not present on the "teddy" server. These 3 servers do not have a "teddy" account.
Now, I am able to ssh without password between the 3 "bear" servers using the "bear" account without a password. This behavior is undesired as it bypasses some key controls.
I figure what must be happening here is that since the 3 "bear" servers have the same public key that points to the "teddy" server, they must be using that fourth server as some type of "witness" to verify the identity of the user making the ssh connection, bypassing the password for the "bear" account. I have disabled AgentForwarding on all 4 servers in question, as well as X11Forwarding. This has not helped.
What is going on here and how do I avoid it?
Brandon
More information about the redhat-list
mailing list