Monday, November 26, 2007

Wrong permissions break ssh.

I learned something interesting today. In Linux, if group or others have write permission on a user's home directory, ssh will not allow the use of key-based authentication. It will prompt for a password. The next time you are not able to ssh using key-based authentication, you may want to check the permissions on the home directory.
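
The check described above as a script, added here as an example and not part of the original post. It goes beyond the home directory to ~/.ssh and authorized_keys, which OpenSSH's StrictModes check also covers; it assumes GNU stat and the default authorized_keys location, and check_ssh_perms is a hypothetical helper name.

```shell
#!/bin/sh
# Added example (not from the original post): report paths on the
# key-authentication lookup chain that are writable by group or others.
# Assumptions: GNU coreutils stat (Linux), default ~/.ssh/authorized_keys.

# check_ssh_perms HOME_DIR
# Prints one line per offending path.
# Returns 0 if all paths are safe, 1 if any is group/other-writable,
# 2 if stat itself fails.
check_ssh_perms() {
    home=$1
    bad=0
    for p in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        [ -e "$p" ] || continue        # missing paths are skipped, not flagged
        mode=$(stat -c '%a' "$p") || return 2
        # 022 (octal) = group write bit (020) + others write bit (002)
        if [ $(( 0$mode & 022 )) -ne 0 ]; then
            echo "writable by group/others: $p (mode $mode)"
            bad=1
        fi
    done
    return $bad
}

# When called with a directory argument, check it and report the result.
if [ $# -gt 0 ]; then
    if check_ssh_perms "$1"; then
        echo "OK: no group/other-writable paths under $1"
    else
        echo "Remove the write bit with: chmod go-w <path>"
    fi
fi
```

Run it on the server side of the connection, since that is where sshd evaluates the permissions.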

Wednesday, March 7, 2007

Automatically unlock the default keyring on FC6

If you have NetworkManager in use on Fedora Core 6, you have probably seen this dialog box:

[Image: keyring.jpg]

I got tired of entering my password every morning to unlock the default keyring, so I went looking for a solution. What I found was a module for use with PAM that would supply my system password to gnome-keyring for me. The module is called pam_keyring.so.

On Fedora Core 6 the steps that I used to implement this were:

1) As root, install the module and its documentation:
# yum install pam_keyring

2) Insert the following two lines into /etc/pam.d/gdm:
auth optional pam_keyring.so try_first_pass
session optional pam_keyring.so

Note that order is important in the gdm file. This is what my /etc/pam.d/gdm file looks like with the additions:

auth required pam_env.so
auth optional pam_keyring.so try_first_pass
auth include system-auth
account required pam_nologin.so
account include system-auth
password include system-auth
session optional pam_keyinit.so force revoke
session include system-auth
session required pam_loginuid.so
session optional pam_console.so
session optional pam_keyring.so

Now the system no longer prompts me for the default keyring password when I log in.