Monday, November 26, 2007

Wrong permissions breaks ssh.

I learned something interesting today. In Linux, if group or others has the writable permission on a users home directory, ssh will not allow the use of key based authentication. It will prompt for a password. The next time you are not able to ssh using key based authentication, you may want to check permissions on the home directory.

Wednesday, March 7, 2007

Automatically unlock the default keyring on FC6

If you have NetworkManager in use on Fedora Core 6, you have probably seen this dialog box:


I got tired of entering my password every morning to unlock the default keyring, so I went looking for a solution. What I found was a module for use with PAM that would supply my system password to gnome-keyring for me. The module is called

On Fedora Core 6 the steps that I used to implement this were:

1) As root install the module and it's documentation:
# yum install pam_keyring

2) Insert the following two lines into /etc/pam.d/gdm:
auth optional try_first_pass
session optional

Note that order is important in the gdm file. This is what my /etc/pam.d/gdm file looks like with the additions:

auth required
auth optional try_first_pass
auth include system-auth
account required
account include system-auth
password include system-auth
session optional force revoke
session include system-auth
session required
session optional
session optional

Now the system no longer prompts me for the default keyring password when I log in.