Bug 1747

Summary: AuthorizedKeysFile not working as advertised
Product: Portable OpenSSH Reporter: David Pflug <dtpflug>
Component: sshdAssignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED FIXED    
Severity: major CC: dtpflug, dtucker
Priority: P2    
Version: 5.4p1   
Hardware: Other   
OS: Linux   
Bug Depends on:    
Bug Blocks: 1743    

Description David Pflug 2010-03-30 13:09:07 AEDT 
In the upgrade from 5.3 to 5.4, my pubkey authentication stopped working. I investigated and found this in the logs:

Mar 29 19:46:42 dpflug-desktop sshd[18203]: debug1: trying public key file //.ssh/authorized_keys

That's the only place it checks for authorized_keys.

I asked in #openssh and was told that commenting out AuthorizedKeysFile in the config has helped some people.

In the sshd_config man page, it states:
After expansion, AuthorizedKeysFile is taken to be an absolute path or one relative to the user's home directory.  The default is ``.ssh/authorized_keys''.

I have "AuthorizedKeysFile .ssh/authorized_keys" in my sshd_config, but it's not working. Commenting it out did help:

Mar 29 19:52:12 dpflug-desktop sshd[18323]: debug1: matching key found: file /home/dpflug/.ssh/authorized_keys, line 1
Comment 1 Darren Tucker 2010-04-09 10:42:09 AEST 
Thanks for the report.  This has been fixed and will be in the 5.5p1 release.  You can confirm by trying a recent snapshot (http://www.mindrot.org/openssh_snap/).

You can work around it commenting it out (as you noted) or by using "%h" to explicitly specify the user's home directory, eg:

AuthorizedKeysFile %h/.ssh/authorized_keys
Comment 2 Damien Miller 2010-04-16 15:50:37 AEST 
Mass move of bugs RESOLVED->CLOSED following the release of openssh-5.5p1