Today it’s been one of those days that you wish to hide very deep under your desk.
For a couple of days I’ve been battling with a 11.31 server over its sshd configuration, somehow this was the only node which refused the public-key ssh authentication method from my management server and always asked for root password, that means I could’t run scripts remotely with a convenient for loop over the sever list, no remote tests, no cron tasks from the management node against it, etc; and that’s unacceptable for me.
I almost wiped out the config of the target server and recreated it from scratch using the sshd_config file of a working 11.31 node as my starting point and still the damn server asked for a password. I was desperate, looking through the config file one time after another, checked file permissions, running the same test from other servers with same result.
Finally I ask a colleague if he could review my sshd_config file, at first look he found nothing wrong and then he performed some test and MAGIC!! it worked. I asked him about his “guru trick” and he said ‘Dude, your root home had 777 permissions’ ‘WHAT?!?!?!?’
I was terribly embarrassed, one of the first tasks I do after install any HP-UX is to move the root home from / to /root and in this almost newly deployed 11.31 I didn’t change the permissions. Of course I quickly checked all my servers just in case and fortunately for me none of them had a misconfigured sshd.
Two days completely lost finghting against my foolishness, got out of bed on the wrong side this morning.
Oh I almost forgot… thanks Javi, you’re the best :-)