Search Results

Search found 14152 results on 567 pages for 'private'.

Page 9/567 | < Previous Page | 5 6 7 8 9 10 11 12 13 14 15 16  | Next Page >

  • VPC SSH port forward into private subnet

    - by CP510
    Ok, so I've been racking my brain for DAYS on this dilema. I have a VPC setup with a public subnet, and a private subnet. The NAT is in place of course. I can connect from SSH into a instance in the public subnet, as well as the NAT. I can even ssh connect to the private instance from the public instance. I changed the SSHD configuration on the private instance to accept both port 22 and an arbitrary port number 1300. That works fine. But I need to set it up so that I can connect to the private instance directly using the 1300 port number, ie. ssh -i keyfile.pem [email protected] -p 1300 and 1.2.3.4 should route it to the internal server 10.10.10.10. Now I heard iptables is the job for this, so I went ahead and researched and played around with some routing with that. These are the rules I have setup on the public instance (not the NAT). I didn't want to use the NAT for this since AWS apperantly pre-configures the NAT instances when you set them up and I heard using iptables can mess that up. *filter :INPUT ACCEPT [129:12186] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [84:10472] -A INPUT -i lo -j ACCEPT -A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 1300 -j ACCEPT -A INPUT -d 10.10.10.10/32 -p tcp -m limit --limit 5/min -j LOG --log-prefix "SSH Dropped: " -A FORWARD -d 10.10.10.10/32 -p tcp -m tcp --dport 1300 -j ACCEPT -A OUTPUT -o lo -j ACCEPT COMMIT # Completed on Wed Apr 17 04:19:29 2013 # Generated by iptables-save v1.4.12 on Wed Apr 17 04:19:29 2013 *nat :PREROUTING ACCEPT [2:104] :INPUT ACCEPT [2:104] :OUTPUT ACCEPT [6:681] :POSTROUTING ACCEPT [7:745] -A PREROUTING -i eth0 -p tcp -m tcp --dport 1300 -j DNAT --to-destination 10.10.10.10:1300 -A POSTROUTING -p tcp -m tcp --dport 1300 -j MASQUERADE COMMIT So when I try this from home. It just times out. No connection refused messages or anything. And I can't seem to find any log messages about dropped packets. My security groups and ACL settings allow communications on these ports in both directions in both subnets and on the NAT. I'm at a loss. What am I doing wrong?

    Read the article

  • Public Private Key Encryption Tutorials

    - by Jake M
    Do you know of a tutorial that demonstrates Public Private Key encryption(PPKE) in C++ or C? I am trying to learn how it works and eventually use Crypto++ to create my own encryptions using public private keys. Maybe theres a Crypto++ PPKE tutorial? Maybe someone can explain the relationship(if any) between the public and private keys? Could anyone suggest some very simple public and private key values I could use(like 'char*32','char/32') to create my simple PPKE program to understand the concept?

    Read the article

  • Why is Private Accessor deprecated?

    - by user3918598
    It used to be the number one reason for us to choose MSTest from others that we could access and test private methods. Now that Private accessors are deprecated in Visual Studio 2012. Does anyone know why Microsoft make such decision? Is it because it's not a good practice to test private methods? Also, if I still need to unit test my private methods, how could I do that in VS 2012 and later versions?

    Read the article

  • How to make images hosted on Amazon S3 less public but not completely private?

    - by Jay Godse
    I fired up a sample application that uses Amazon S3 for image hosting. I managed to coax it into working. The application is hosted at github.com. The application lets you create users with a profile photo. When you upload the photo, the web application stores it on Amazon S3 instead of your local file system. (Very important if you host at heroku.com) However, when I did a "view source" in the browser of the page I noticed that the URL of the picture was an Amazon S3 URL in the S3 bucket that I assigned to the app. I cut & pasted the URL and was able to view the picture in the same browser, and in in another browser in which I had no open sessions to my web app or to Amazon S3. Is there any way that I could restrict access to that URL (and image) so that it is accessible only to browsers that are logged into my applications? Most of the information I found about Amazon ACLs only talk about access for only the owner or to groups of users authenticated with Amazon or AmazonS3, or to everybody anonymously.

    Read the article

  • Passing an array of data to a private function in CodeIgniter/PHP? [facepalm]

    - by Jack Webb-Heller
    So I thought this should be easy, but, I'm n00bing out here and failing epicly (as they say on teh interwebz). So here's my code: function xy() { $array['var1'] = x; $array['var2'] = y; echo $this->_z; } function _z($array) { $xy = $x.$y; return $xy; } So, why doesn't that seemingly simple code work? I know with views you can pass arrays and the variables are accessible in the views with just their array title, but, why doesn't it work in this case? Jack

    Read the article

  • Is this considered as using private functions in iPhone dev, and thus illegal?

    - by user153231
    I'm trying to disable scrolling for a UIWebView and the only way i found is using this way: #import <objc/runtime.h> id scroller = [[Webview subviews] lastObject]; int count; Method *method = class_copyMethodList([scroller class], &count); int i; for (i=0; i<count; i++) { if (strcmp(method_getName(method[i]), "setScrollingEnabled:") == 0) break; } IMP test = method_getImplementation(method[i]); test(scroller, @selector(setScrollingEnabled:), NO); Is this considered to be an illegal way of using the iPhone SDK? Can this cause my application to be rejected for the App store?

    Read the article

  • SSH into remote server using Public-private keys

    - by maria
    Hi, I have recently setup ssh on two linux machines (lets call them server-a, client-b). I have generated two ssh auth files on client-b machine using ssh key gen and can see both public and private files in .ssh dir. I have named them 'example' and 'example.pub'. Then I have added example.pub to sever-a's auth file. When I try to ssh into server-a it still requests a password authentication where as I want a password less login (private key on client-b is setup without password). When I try to ssh with '-v' .. get the following output: debug1: Next authentication method: publickey debug1: Trying private key: /Users/abc/.ssh/identity debug1: Offering public key: /Users/abc/.ssh/id_rsa debug2: we sent a publickey packet, wait for reply debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Offering public key: /Users/abc/.ssh/id_dsa debug2: we sent a publickey packet, wait for reply debug1: Authentications that can continue: publickey,keyboard-interactive debug2: we did not send a packet, disable method debug1: Next authentication method: keyboard-interactive debug2: userauth_kbdint debug2: we sent a keyboard-interactive packet, wait for reply debug2: input_userauth_info_req debug2: input_userauth_info_req: num_prompts 1 Password: Please help.

    Read the article

  • SSH Private Key Not Working in Some Directories

    - by uesp
    I have a strange issue where SSH won't properly connect with a private-key if the key file is in certain directories. I've setup the keys on a set of servers and the following command ssh -i /root/privatekey [email protected] works fine and I login to the given host without getting prompted by a password, but this command: ssh -i /etc/keyfiles/privatekey [email protected] gives me a password prompt. I've narrowed it down that this behavior occurs in only some sub-directories of /etc/. For example /etc/httpd1/ gives me a password prompt but /etc/httpd/ does not. What I've checked so far: All private key files used are identical (copied from the original file). The private key file and directories used have identical permissions. No relevant error messages in the server/client logs. No interesting debug messages from ssh -v (it just seems to skip the key file). It happens with connecting to different hosts. After more testing it is not the actual directory name. For example: mkdir /etc/test cp /root/privatekey /etc/test ssh -i /etc/test/privatekey [email protected] # Results in password prompt cp /root/privatekey /etc/httpd # Existing directory ls -ald test httpd # drwxr-xr-x 4 root root 4096 Mar 5 18:25 httpd # drwxr-xr-x 2 root root 4096 Mar 5 18:43 test ssh -i /etc/httpd/privatekey [email protected] # Results in *no* prompt rm -r test cp -R /etc/httpd /etc/test ssh -i /etc/test/privatekey [email protected] # Results in *no* prompt` I'm sure its just something simple I've overlooked but I'm at a loss.

    Read the article

  • Getting the EFS Private Key out of system image

    - by thaimin
    I had to recently re-install Windows 7 and I lost my exported private key for EFS. I however have the entirety of my user directory and my figuring that the key must be in there SOMEWHERE. The only question is how to get it out. I did find the PUBLIC keys in AppData\Roaming\Microsoft\SystemCertificates\My\Certificates If I import them using certmg.msc it says I do have the private key in the information, but if I try export them it says I do not have the private key. Also, decryption of files doesn't work. There is also a "keys" folder at AppData\Roaming\Microsoft\SystemCertificates\My\Keys. After importing the certificates I copy those over into my new installation but it has no effect. I am starting to believe they are either in AppData\Roaming\Microsoft\Protect\S-1-5-21-...\ or AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-...\ but I am unsure how to use the files in those folders. Also, since my SID has changed, will I be able to use them? The other parts of the account have remained the same (name and password). I also have complete access to the user registry hive and most of the old system files (including the old system registry hives). I do keep seeing references to "Key Recovery Agent" but have not found anything about using, just that it can be used. Thanks!

    Read the article

  • Suggestions for transitioning to new GW/private network

    - by Quinten
    I am replacing a private T1 link with a new firewall device with an ipsec tunnel for a branch office. I am trying to figure out the right way to transition folks at the new site over to the new connection, so that they default to using the much faster tunnel. Existing network: 192.168.254.0/24, gw 192.168.254.253 (Cisco router plugged in to private t1) Test network I have been using with ipsec tunnel: 192.168.1.0/24, gw 192.168.1.1 (pfsense fw plugged in to public internet), also plugged in to same switch as the old network. There are probably ~20-30 network devices in the existing subnet, about 5 with static IPs. The remote endpoint is already the firewall--I can't set up redundant links to the existing subnet. In other words, as soon as I change the tunnel configuration to point to 192.168.254.0/24, all devices in the existing subnet will stop working because they point to the wrong gateway. I'd like some ability to do this slowly--such that I can move over a few clients and verify the stability of the new link before moving critical services or less tolerant users over. What's the right way to do this? Change the netmask on all of the devices to /16, and update gateway to point to the new device? Could this cause any problems? Also, how should I handle DNS? The pfsense box is not aware of my Active Directory environment. But if I change DNS to use the local servers, it will result in a huge slowdown as DNS queries will still be routed over the private t1. I need some help coming up with a plan that's not too disruptive but will really let me thoroughly test the stability of the IPSEC tunnel before I make the final switch. The AD version is 2008R2, as are the servers. Workstations are mostly Windows XP SP3. I have not configured the 192.168.1.0/24 as a site in AD sites and services.

    Read the article

  • SSH with public/private key to iMac fails.

    - by bennedich
    I'm trying to connect to my iMac (server) from my macbook (client) on my LAN. Both have Mac OS X 10.6.4. Server running on a new clean install of the OS. When just activating Remote Login in System Preferences everything works fine. But when setting up ssh to only work with public/private key I get the following error messages from the server log depending on if I use a rsa passphrase or not: With passphrase (case 1): PAM: user account has expired for <myServerUserName> from 192.168.X.X via 192.168.X.Y Without passphrase (case 2): Failed publickey for <myServerUserName> from 192.168.X.X port AAAAA ssh2 This is my setup algorithm: Create a private and public key on client with command ssh-keygen -t rsa. In case 1 I also set a passphrase. Move the id_rsa.pub to the server path /Users/<myServerUserName>/.ssh/ In this folder I execute cat id_rsa.pub > authorized_keys Making sure Remote Login isn't active, I now execute sudo /usr/sbin/sshd -d on the server. Back on the client I now type ssh -v -v -v <myServerUserName>@192.168.X.Y and get prompted to accept RSA key fingerprint. This is NOT the same fingerprint as the one from when I created the private/public key (should it be?). I accept. Depending on case: CASE 1: Client gets halted for password and the response is permission denied even though correct password is given. Back on the server I can read the error message I stated above for case 1: PAM: user account has expired... CASE 2: Client gets message Connection closed by 192.168.X.Y. Back on the server I can read the error message I stated above for case 2: Failed publickey... What could possibly cause this?

    Read the article

  • SOCKET chat C# with private messaging

    - by Sergei
    I want to create SOCKET chat(server + clients) with private messaging. When client write smth to stream, he should notify server that it is private message for user X, how can i do this? Actually i can do smth like this: string command = "PRIV|" + txtMessage.Text; swSender.WriteLine(command); but i think it isn't good, for example if user wants send message like our "PRIV|" flag it will be errors public class TestChat { private StreamWriter swSender; private IPAddress ipAddr; private void InitializeandSend() { //ip from text box ipAddr = IPAddress.Parse(txtIp.Text); // Start a new TCP connections to the chat server tcpServer = new TcpClient(); tcpServer.Connect(ipAddr, 1986); //... //sending message from text box swSender.WriteLine(txtMessage.Text); swSender.Flush(); } }

    Read the article

  • private virtual function in derived class

    - by user1706047
    class base { public: virtual void doSomething() = 0; }; class derived : public base { **private:** virtual void doSomething(){cout<<"Derived fn"<<endl;} }; now if i do the following: base *b=new child; b->doSomething(); //it calls the derived class fn even if that is private. Question: 1.its able to call the derived class fn even if that is private.How is it possible? Now if i change the inheritance access specifier from public to protected/private then i get compilation error as "'type cast' : conversion from 'Derived *' to 'base *' exists, but is inaccessible" Notes: I am aware on the concepts of the inheritance access specifiers.So in second case as its derived private/protected, its inaccessible. But here it confuses me for the first question. Any input will be highly appreciated

    Read the article

  • How to use iPhone SDK Private APIs

    - by eagle
    I haven't found a comprehensive list of the steps that are required to use a private API from the iPhone Library. In particular, I would like to know how to get header files, if they are even required, how to get it to compile (when I simply add the header, it complains that the functions aren't defined), and what resources one can use to learn about private APIs (e.g. from other user's experiences, such as http://iphonedevwiki.net/ which has a few). I've read in other places that people recommend using class-dump to get the headers. Are there any alternative methods? I've noticed that there are some repositories of iPhone Private SDKs, what are the most up to date resources you would recommend? Most of the previous questions about documentation of private APIs, have all linked to Erica Sadun's website, which doesn't seem to have documentation anymore (all the links on the left are crossed out). Please save the comments about not using private API's... I know of the biggest risks: App will get rejected by Apple. App will break in future updates to the OS. I'm talking about legitimate uses, such as: Private application use (e.g. for unit testing, or messing around to see what's possible)

    Read the article

  • Fluent NHibernate Map to private/protected Field that has no exposing Property

    - by Jon Erickson
    I have the following Person and Gender classes (I don't really, but the example is simplified to get my point across), using NHibernate (Fluent NHibernate) I want to map the Database Column "GenderId" [INT] value to the protected int _genderId field in my Person class. How do I do this? FYI, the mappings and the domain objects are in separate assemblies. public class Person : Entity { protected int _genderId; public virtual int Id { get; private set; } public virtual string Name { get; private set; } public virtual Gender Gender { get { return Gender.FromId(_genderId); } } } public class Gender : EnumerationBase<Gender> { public static Gender Male = new Gender(1, "Male"); public static Gender Female = new Gender(2, "Female"); private static readonly Gender[] _genders = new[] { Male, Female }; private Gender(int id, string name) { Id = id; Name = name; } public int Id { get; private set; } public string Name { get; private set; } public static Gender FromId(int id) { return _genders.Where(x => x.Id == id).SingleOrDefault(); } }

    Read the article

  • Protected and Private methods

    - by cabaret
    I'm reading through Beginning Ruby and I'm stuck at the part about private and protected methods. This is a newbie question, I know. I searched through SO for a bit but I couldn't manage to find a clear and newbie-friendly explanation of the difference between private and protected methods. The book gives two examples, the first one for private methods: class Person def initialize(name) set_name(name) end def name @first_name + ' ' + @last_name end private def set_name(name) first_name, last_name = name.split(/\s+/) set_first_name(first_name) set_last_name(last_name) end def set_first_name(name) @first_name = name end def set_last_name(name) @last_name = name end end In this case, if I try p = Person.new("Fred Bloggs") p.set_last_name("Smith") It will tell me that I can't use the set_last_name method, because it's private. All good till there. However, in the other example, they define an age method as protected and when I do fred = Person.new(34) chris = Person.new(25) puts chris.age_difference_with(fred) puts chris.age It gives an error: :20: protected method 'age' called for #<Person:0x1e5f28 @age=25> (NoMethodError) I honestly fail to see the difference between the private and protected methods, it sounds the same to me. Could someone provide me with a clear explanation so I'll never get confused about this again? I'll provide the code for the second example if necessary.

    Read the article

  • Best Practise: DNS and VPN (with private network IPs)

    - by ribx
    I am trying to find the best solution for my DNS problem. We are running several services in our company that you can reach only over VPN. Other services, that are reachable through the internet got the domain ... At the moment all services inside the VPN network go by .local... These have an VPN IP of the private network 192.168.252.0/24. Clients reach from Linux over OSX to Windows. I can think of 4 possibilities to implement a DNS infrastructure: Most common: an internal DNS Server, that is pushed by the VPN. But this has several drawbacks: your DNS responses are limited to the speed of the VPN Connection and your own DNS server. Because of very complex websites, this can increase the time for a page to load quite a lot. Also: we have several VPNs that are not connected to each other and all of them have their own DNS server. Several DNS servers locally. These have to be configured by hand. And you have to use some third party tool like dnsmasq. If you start a DNS request, you ask your locally running DNS server, which decides which server to ask for which domain name. One college of mine uses such a solution with this OSX (I am sorry, I don't remember the name of the application). You use your domain hoster. Most of them have APIs available to manipulate your DNS entries. So you could pull your private network informations to your domain hoster. I am not sure whether they all accept private network IPs. But I guess there will be some problems in the same way as in number 4. The one we currently use, because it's for us the most logical choice: we forward the sub domain *.local.. to our own public DNS Server. This works quite good for some public DNS Servers like Google. But most ISPs do not forward the answers. Or don't do that always. Like my ISP sends me a positive result of the a DNS request of a *.local.. domain only every 10th time I make a nslookup. (Can someone explain this?) Here the real Question: Is there another solution we were not thinking about? Or: What of these methods do you use?

    Read the article

  • Security when, ssh Private keys are lost

    - by Shree Mandadi
    Cant explain my problem enough with words, Let me take an example.. and please multiple the complexity by a 100 for the Solution. User-A has two ssh private keys, and over time has used this public key on a number of servers He lost one of them, and has created a new pair. How does User-A, inform me (Sys Admin), that he has lost his key, and How do I manage all the servers to which he had access to (I do not have a list, of all Servers that User-A has access to). In other words, How do I recall, the public key associated with this Private key. REF: In the LDAP based Authentication, All Servers would communicate with a single Server repository for Authentication, and If I remove acess or modify the password on the Server, all Systems that use this LDAP for Authentication are secured, when User-A loses his password..

    Read the article

  • Does private browsing prevent socket events?

    - by Chris Cirefice
    I usually do my work in Google Chrome (v36.0.1985.143), private browsing enabled. I use Firefox to browse Stack Exchange, in normal mode so that all my logins are persisted. Sometimes I accidentally open an SE question in Chrome, so I copy-paste the URL to Firefox and get on reading. I left the SE tab in Chrome open, and up-voted a question in Firefox. Normally, you immediately see other users' voting activity via socket event emitting (possibly Socket.IO, I don't know SE's back-end). I noticed that in my Chrome tab, I didn't see the upvote that I had cast in Firefox. I had to refresh to be able to see the vote count change. So, as the title of the question states: does private browsing prevent socket events?

    Read the article

  • What are the IPv6 Public and Private and Reserved ranges

    - by vipin raj
    I just want to know what are all the public IPv6 ranges which ISPs or other users can use? Also need a list of addresses which can be used in private networks and also the list of addresses which never can be used in any network. I have been searching through different web sites. But none gives a reliable answer. Actually we are developing an application which allows user to plan their IP address(create supernets, subnets, hosts, assign host to ports etc). So my application should be able to distinguish between all kinds of address ranges, whether it is reserved, public, private, multicast etc

    Read the article

  • How to Configure Source NAT (Private IP => Public IP Outbound)

    - by DavidScherer
    I'm running VMWare ESXi Free and have Zentyal SBS 3.2 running as a Gateway. I have 5 Public IPS (CIDR/29, let's call them 69.1.1.1 - 69.1.1.5) and currently Zentyal is bound to 69.1.1.1 as the Gateway, with the other 4 Public IPs set as Virtual Interfaces in Zentyal (wan2-wan5) I have machines sitting on the Private Network (10.34.251.x) that, when going Outbound (to Google for instance) should be seen by the Internet as an IP other than the Gateway (69.1.1.1), this is because our machines need to be able to communicate with 3rd party APIs that expect these requests to come from a specific IP. From what I could find, SNAT (Source NAT) in Zentyal is used to achieve this, but I'm not sure how to configure it and cannot find a specific piece of Documentation for it at Zentyal. I've tried setting this up a couple different ways, with no results and at this point I have no idea if I'm going about this completely wrong, or my lack of experience with networking and the associated terminology is preventing me from placing the correct values in the correct fields. I get the following form to set up "SNAT" rules in Zentyal: Perhaps someone can offer some guidance and definitions for the fields above? SNAT Address Is this the Public IP I want to masquerade? Outgoing Interface Should this by my External NIC (one connected to Public 'Net), or is it the "Private" interface? It sounds as though this should be the External interface as I want the traffic from the internal network sent Out over this Interface (using a different IP than normal, anyway) Source Is the the Source on the internal network (one of the private IPs?), a public IP I want to masquerade as, or something else entirely? Destination Is this a place on the Internet (eg, "Only do this for the Site Google.com"/IP) or am I allowing myself to become confused again? Service I'm assuming this allows me to restrict which services this rule will apply to, but is it for a service on the internal network or a service being accessed on the external network? If I can offer any further details or information to make what I'm trying to do more clear, I will happily do so. Honestly any kind of help here would be very appreciated. I'm not a NetOps or anything even close, I spend most of my day writing code and my entire "team" at this company consists of "me, myself, and I" so while I try to broaden my KB at every possible opportunity, I can only learn so much, so fast and I feel like with networking especially there's just so much, coupled with a learning curve for each solution that likes to (from my limited perspective) use slightly different terminology that what I'm used to (and I don't exactly have the necessary experience to cross reference this stuff with the stuff I already know in context).

    Read the article

  • NAT for static private addresses

    - by biggdman
    Could someone please help me out with the following scenario: I have a machine that hosts 3 lxc containers, and acts like a router for them. The LXC containers have private ip addresses set on the interfaces that are connected to the host. I want to provide Internet access to the containers and I want to configure the host system so it translates only the addresses that are configured static on the lxc containers interfaces. Should I try to configure the host so it translates each of the 3 private addresses to the public address of the host's interface that is connected to the Internet?

    Read the article

  • Apache2 unable to start: private key not found

    - by user3161330
    today I edited some vhosts in my Apache installation and when I tried to restart it I got this error: [Sun Jun 08 15:20:19 2014] [error] Init: Private key not found [Sun Jun 08 15:20:19 2014] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag [Sun Jun 08 15:20:19 2014] [error] SSL Library Error: 218640442 error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error [Sun Jun 08 15:20:19 2014] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag [Sun Jun 08 15:20:19 2014] [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error [Sun Jun 08 15:20:19 2014] [error] SSL Library Error: 67710980 error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib [Sun Jun 08 15:20:19 2014] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag [Sun Jun 08 15:20:19 2014] [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error I have tried to generate new self signed certificates issuing this command: openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout server.cert.key -out server.cert.crt but the error still exists. The private key chmod is 600, and if I open it with nano looks, fine. I'm running Apache2 on a debian 7 machine.

    Read the article

  • git private server error: "Permission denied (publickey)."

    - by goddfree
    I followed the instructions here in order to set up a private git server on my Amazon EC2 instance. However, I am having problems when trying to SSH into the git account. Specifically, I get the error "Permission denied (publickey)." Here are the permissions of my files/folders on the EC2 server: drwx------ 4 git git 4096 Aug 13 19:52 /home/git/ drwx------ 2 git git 4096 Aug 13 19:52 /home/git/.ssh -rw------- 1 git git 400 Aug 13 19:51 /home/git/.ssh/authorized_keys Here are the permissions of my files/folders on my own computer: drwx------ 5 CYT staff 170 Aug 13 14:51 .ssh -rw------- 1 CYT staff 1679 Aug 13 13:53 .ssh/id_rsa -rw-r--r-- 1 CYT staff 400 Aug 13 13:53 .ssh/id_rsa.pub -rw-r--r-- 1 CYT staff 1585 Aug 13 13:53 .ssh/known_hosts When checking my logs in /var/log/secure, I used to get the following error message every time I tried to SSH: Authentication refused: bad ownership or modes for file /home/git/.ssh/authorized_keys However, after making a few permission changes, I no longer get this error message. Despite this, I am still getting the "Permission denied (publickey)." message every time I try to SSH. The command I am using to SSH is ssh -T git@my-ip. Here is the full log I get when I run ssh -vT [email protected]: OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011 debug1: Reading configuration data /etc/ssh_config debug1: /etc/ssh_config line 20: Applying options for * debug1: Connecting to my-ip [my-ip] port 22. debug1: Connection established. debug1: identity file /Users/CYT/.ssh/id_rsa type -1 debug1: identity file /Users/CYT/.ssh/id_rsa-cert type -1 debug1: identity file /Users/CYT/.ssh/id_dsa type -1 debug1: identity file /Users/CYT/.ssh/id_dsa-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.2 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.2 debug1: match: OpenSSH_6.2 pat OpenSSH* debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr [email protected] none debug1: kex: client->server aes128-ctr [email protected] none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Server host key: RSA 08:ad:8a:bc:ab:4d:5f:73:24:b2:78:69:46:1a:a5:5a debug1: Host 'my-ip' is known and matches the RSA host key. debug1: Found key in /Users/CYT/.ssh/known_hosts:1 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Trying private key: /Users/CYT/.ssh/id_rsa debug1: Trying private key: /Users/CYT/.ssh/id_dsa debug1: No more authentication methods to try. Permission denied (publickey). I have spent a few hours going through threads on various sites, including SO and SF, looking for a solution. It seems that the permissions for my files are all okay, but I just can't figure out the problem. Any help would be greatly appreciated. Edit: EEAA: Here are the outputs you requested: $ getent passwd git git:x:503:504::/home/git:/bin/bash $ grep ssh ~git/.ssh/authorized_keys | wc -l grep: /home/git/.ssh/authorized_keys: Permission denied 0

    Read the article

< Previous Page | 5 6 7 8 9 10 11 12 13 14 15 16  | Next Page >