SSH permission denied

[billotronic]

I am having issues getting this up and running on two computers on the same LAN.

Error on client is

uni-unicloud_client-1 | SSH Connection KO, exit code 255, output unison@192.168.0.104: Permission denied (publickey,password,keyboard-interactive).

I have checked that the server has the pubkey listed and it is there. Not sure what else can be the problem

[agarbato]

Hi,

If pubkey is already on server authorized keys means client registration completed successfully. Did you activate the client from the UI?

Do you have SERVER_DEBUG=True on server? In that case you should see on server /data/log/sshd.log which should give you some info.

If you can share docker-compose files I can have a look. This can also happen if data folder is not clean (for example you changed role from server to client without cleaning data folder).

[billotronic]

Yes, client activated via server GUI

Last lines of sshd.log:

Authentication refused: bad ownership or modes for directory /data Failed publickey for unison from 192.168.0.146 port 41660 ssh2: RSA SHA256:hfMvC9U6t2pU8Zz4Z+jP7/ZBw1u+Hl6bIB+J7QbeaS0 Failed none for unison from 192.168.0.146 port 41660 ssh2 Failed password for unison from 192.168.0.146 port 41660 ssh2 Failed password for unison from 192.168.0.146 port 41660 ssh2 Connection closed by authenticating user unison 192.168.0.146 port 41660 [preauth] Connection from 192.168.0.146 port 47476 on 172.19.0.2 port 22 rdomain "" Authentication refused: bad ownership or modes for directory /data Failed publickey for unison from 192.168.0.146 port 47476 ssh2: RSA SHA256:hfMvC9U6t2pU8Zz4Z+jP7/ZBw1u+Hl6bIB+J7QbeaS0 Failed none for unison from 192.168.0.146 port 47476 ssh2 Failed password for unison from 192.168.0.146 port 47476 ssh2 Failed password for unison from 192.168.0.146 port 47476 ssh2 Connection closed by authenticating user unison 192.168.0.146 port 47476 [preauth] Connection from 192.168.0.146 port 40028 on 172.19.0.2 port 22 rdomain ""

`version: "3.3" services:

SERVER

test_unicloud_server: image: agarbato1/unison-unicloud ports:

• 2222:22
• 5002:80 environment:
• USER=unison
• USER_UID=1000
• SERVER_HOSTNAME=unicloud_testing_server
• SERVER_UI_USERNAME=admin
• SERVER_UI_PASSWORD=abcd12345
• SERVER_DEBUG=True
• ROLE=SERVER volumes:
• type: bind source: /mnt/user/dockerdata/uni target: /data
• type: bind source: /mnt/user/ target: /shares networks: unison: driver: bridge ipam: driver: default`

`version: '3.3' services:

CLIENT

unicloud_client: image: agarbato1/unison-unicloud environment:

• CLIENT_HOSTNAME=testing-client1
• ROLE=CLIENT
• USER=unison
• USER_UID=1000
• SERVER_HOSTNAME=192.168.0.104
• SERVER_PORT=2222
• SERVER_SHARE=TV
• SHARE_IGNORE=.git*|.idea|.unison|.DS_Store
• API_PROTOCOL=http
• API_PORT=5002
• SYNC_INTERVAL=120 restart: on-failure volumes:
• type: bind source: /export/Dockerdata/uniclient target: /data
• type: bind source: /export/ target: /share networks: unison: networks: unison: driver: bridge ipam: driver: default `

Thank you very much for your prompt answer. This project is super slick.

[agarbato]

Thank you for sharing compose files. It seems there's an issue with /data folder permission on server side. When that happens ssh refuses to accept keys. Is USER_UID=1000 a valid user on your server? You can check with id command.

Also make sure /mnt/user/dockerdata/uni permission is not 777 Normally on startup we check and fix /data permission, you can check on docker-compose logs on server side. /mnt/user/dockerdata/uni should be owned by user id 1000 on you system.

You can fix manually but it shouldn't be necessary. My guess is you server uid is not 1000.

chmod go-w /mnt/user/dockerdata/uni chmod 700 /mnt/user/dockerdata/uni/.ssh chmod 600 /mnt/user/dockerdata/uni/.ssh/unicloud_authorized_keys

[billotronic]

After doing some more digging on my end, this is most definitely a permissions issue due to my host setup for the server. Please close this and I thank you very much for trying to help sort me out.

[agarbato]

You're very welcome.