When attempting to log into the server, I was prompted for a password as if the server did not have my public key. It certainly did. Checking /var/log/auth.log, I noticed this:

# /var/log/auth.log
Nov 2 17:47:37 hostname sshd[2053]: Authentication refused: bad ownership or modes for directory /home/myuser

Somehow (likely due to user error), the permissions for /home/myuser was set to 0777!

$ ls -lah /home | grep myuser
drwxrwxrwx 119 myuser myuser 8.0K 2010-11-02 17:45 myuser

The solution was to restore the directory permissions to what they should be – r/w access for the owner only.

$ chmod 0755 ~myuser
$ ls -lah /home | grep myuser
drwxr-xr-x 119 myuser myuser 8.0K 2010-11-02 17:45 myuser

Hopefully now you’ll be able to log in with your private key.

$ ssh myhost
$ tail /var/log/auth.log
Nov  2 17:50:36 hostname sshd[2212]: Accepted publickey for myuser from 192.168.1.XXX port XXXXX ssh2

1

ssh-copy-id -p XXXX -i '~/.ssh/id_rsa.pub' username@host

However, that didn’t do anything but output an error:

Bad port 'umask 077; test -d .ssh || mkdir .ssh ; cat >> .ssh/authorized_keys'

The solution was to enclose it in quotes as follows:

ssh-copy-id ‘-p XXXX -i ~/.ssh/id_rsa.pub username@host’

Hope that helps.

(The above error probably doesn’t make any sense. ssh-copy-id is a shell script. The command that appears in the error message is a command sent to the server via SSH. Feel free to take a look at the file: cat `locate ssh-copy-id | head -n1`)

Where "/my/dir" would vary depending on what you're tab-completing. I suspected the problem might be with permissions, but that came up short.

I finally came across the solution here:

http://serverfault.com/questions/47554/ubuntu-tab-completon-and-mc-problems

Since I had trouble finding much information on Google, hopefully this post will help. It turned out to be a shell issue. When I created the user, I never specified the default shell to use (BASH), and I apparently never went back and changed it. Which explains why it worked on some of my users' accounts but not others.

So, when going through my home folder one day, I came across a hidden file called .bash_history. Hmm, I wondered. Could this solve my problem? Yes! It can!

1
2
3

$ rm ~/.bash_history
# You can also clear your history with the following command:
$ history -c

After deleting the file, open BASH and hit the up key – you should get nothing but a pleasant beep. A wonderful representation of security. Of course, it’d be best to shred the file using a utility such as, well, shred, so that nobody can retrieve the deleted contents. Note that you can only use the below command to shred the file if you haven’t already deleted it.

1

shred ~/.bash_history

And all should be well. But, what if you don’t want it to keep a track of your history? Well, there’s a couple ways to do so. I pulled the examples from the following link:

http://gentoo-wiki.com/SECURITY_Bash_History_Functions

The easiest one, which I did (I don’t feel like wasting any more time on this), was the following command:

1

ln -s /dev/null ~/.bash_history

This creates a link so that .bash_history points to /dev/null. Anything sent to /dev/null never returns – thus the name. It is simply discarded.