This looks like a problem that affects many but for which there
doesn't appear to be any viable solution. It seems as though the best
we can hope for is to configure sshd to look for the authorized_keys
outside the home directory while it is still unmounted, but all that
does is log in to the machine but still leave the home directory
unmounted.

I think likely the only way to solve this would be if upstream patched
ecryptfs to somehow allow SSH key authentication. I don't know how
difficult that would be to do.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/362427

Title:
  Public key ssh auth doesn't work with my Encrypted Home Directory

Status in eCryptfs:
  Invalid
Status in ecryptfs-utils package in Ubuntu:
  Invalid
Status in openssh package in Ubuntu:
  Invalid

Bug description:
  Spent all night trying to understand why public key ssh auth doesn't
  work. It seems to me that the issue only affects Jaunty. Please have a
  look at the details below.

  So, the configuration is:

  1. Client
  - lsb_release: Ubuntu 8.10 intrepid
  - ssh-client: OpenSSH_5.1p1 Debian-3ubuntu1, OpenSSL 0.9.8g 19 Oct 2007

  2. Server A
  - lsb_release: Ubuntu 8.04.2 hardy
  - sshd: OpenSSH_4.7p1 Debian-8ubuntu1.2, OpenSSL 0.9.8g 19 Oct 2007

  3. Server B
  - lsb_release: Ubuntu 9.04 jaunty
  - sshd: OpenSSH_5.1p1 Debian-5ubuntu1, OpenSSL 0.9.8g 19 Oct 2007

  Server A and Server B have the same /etc/ssh/sshd_config:
  RSAAuthentication yes
  PubkeyAuthentication yes
  StrictModes no

  I turned StrictModes to "no", but every server has the same
  permissions on the user's .ssh folder and .ssh/authorized_keys file.
  authorized_keys is the same on Server A and Server B.

  So, I am able to connect with a public key from the Client machine to
  Server A, but I can't connect to Server B.

  I ran the ssh client and sshd on Server B in debug mode, please find
  logs attached.

  Most important strings from auth.log:

  ...
  Apr 16 20:58:47 ubuntu sshd[21728]: debug3: mm_request_receive entering
  Apr 16 20:58:47 ubuntu sshd[21728]: debug3: monitor_read: checking request 21
  Apr 16 20:58:47 ubuntu sshd[21728]: debug3: mm_answer_keyallowed entering
  Apr 16 20:58:47 ubuntu sshd[21728]: debug3: mm_answer_keyallowed: key_from_blob: 0xb9084978
  Apr 16 20:58:47 ubuntu sshd[21728]: debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
  Apr 16 20:58:47 ubuntu sshd[21728]: debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
  Apr 16 20:58:47 ubuntu sshd[21728]: debug1: temporarily_use_uid: 1000/1000 (e=0/0)
  Apr 16 20:58:47 ubuntu sshd[21728]: debug1: trying public key file /home/sasha/.ssh/authorized_keys
  Apr 16 20:58:47 ubuntu sshd[21728]: debug1: restore_uid: 0/0
  Apr 16 20:58:47 ubuntu sshd[21728]: debug1: temporarily_use_uid: 1000/1000 (e=0/0)
  Apr 16 20:58:47 ubuntu sshd[21728]: debug1: trying public key file /home/sasha/.ssh/authorized_keys2
  Apr 16 20:58:47 ubuntu sshd[21728]: debug1: restore_uid: 0/0
  Apr 16 20:58:47 ubuntu sshd[21728]: Failed publickey for sasha from 10.0.0.11 port 51194 ssh2
  Apr 16 20:58:47 ubuntu sshd[21728]: debug3: mm_answer_keyallowed: key 0xb9084978 is not allowed
  ...

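Added example, not part of the bug report or of OpenSSH: a Python parser for sshd debug output like the excerpt above. It rejoins mail-wrapped records, lists the authorized_keys files sshd tried per connection, and flags publickey failures where every file tried lay inside the user's home, the pattern to expect while an encrypted home is still unmounted. The sample log is constructed; the `/home` root, the user `alice` and the `/etc/ssh/keys/...` path are assumptions.

```python
import re

# Constructed sample in the shape of the auth.log excerpt, including the mail-style
# wrapping that splits one record over two lines. "alice" and her key path are made up.
SAMPLE_LOG = """\
Apr 16 20:58:47 ubuntu sshd[21728]: debug1: trying public key file
/home/sasha/.ssh/authorized_keys
Apr 16 20:58:47 ubuntu sshd[21728]: debug1: restore_uid: 0/0
Apr 16 20:58:47 ubuntu sshd[21728]: debug1: trying public key file
/home/sasha/.ssh/authorized_keys2
Apr 16 20:58:47 ubuntu sshd[21728]: Failed publickey for sasha from 10.0.0.11
port 51194 ssh2
Apr 16 21:03:12 ubuntu sshd[21790]: debug1: trying public key file /etc/ssh/keys/alice/authorized_keys
Apr 16 21:03:12 ubuntu sshd[21790]: Accepted publickey for alice from 10.0.0.12 port 40022 ssh2
"""

RECORD = re.compile(r"^[A-Z][a-z]{2} +\d+ \d\d:\d\d:\d\d \S+ sshd\[(\d+)\]: (.*)$")
KEYFILE = re.compile(r"trying public key file (\S+)")
RESULT = re.compile(r"^(Failed|Accepted) publickey for (\S+) from (\S+)")

def unwrap(text):
    """Rejoin wrapped records: a line without a syslog header continues the previous one."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if RECORD.match(line) or not records:
            records.append(line)
        elif line:
            records[-1] += " " + line
    return records

def analyse(text, home_root="/home"):
    """Return one finding per publickey result, with the key files tried by that sshd pid."""
    tried, findings = {}, []
    for m in filter(None, map(RECORD.match, unwrap(text))):
        pid, msg = m.groups()
        k, r = KEYFILE.search(msg), RESULT.match(msg)
        if k:
            tried.setdefault(pid, []).append(k.group(1))
        elif r:
            outcome, user, src = r.groups()
            files = tried.pop(pid, [])
            # Failure with every candidate file under the home dir: check whether it is mounted.
            in_home = bool(files) and all(f.startswith(f"{home_root}/{user}/") for f in files)
            findings.append({"pid": pid, "user": user, "source": src, "outcome": outcome,
                             "files": files, "home_only_failure": outcome == "Failed" and in_home})
    return findings
```

A finding with `home_only_failure` set is a prompt to check on the server whether that user's home is mounted at the time of the login attempt; it does not prove the cause by itself.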