From owner-freebsd-questions@FreeBSD.ORG  Sat Jun 14 19:01:12 2008
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 514E71065673
	for <freebsd-questions@freebsd.org>;
	Sat, 14 Jun 2008 19:01:12 +0000 (UTC)
	(envelope-from peo@intersonic.se)
Received: from neonpark.inter-sonic.com (neonpark.inter-sonic.com
	[212.247.8.98]) by mx1.freebsd.org (Postfix) with ESMTP id 173A18FC17
	for <freebsd-questions@freebsd.org>;
	Sat, 14 Jun 2008 19:01:12 +0000 (UTC)
	(envelope-from peo@intersonic.se)
X-Virus-Scanned: amavisd-new at inter-sonic.com
Message-ID: <485412BD.9050403@intersonic.se>
Date: Sat, 14 Jun 2008 20:49:33 +0200
From: Per olof Ljungmark <peo@intersonic.se>
Organization: Intersonic AB
User-Agent: Thunderbird 2.0.0.12 (X11/20080427)
MIME-Version: 1.0
To: Martin McCormick <martin@dc.cis.okstate.edu>
References: <200806141802.m5EI27GF020260@dc.cis.okstate.edu>
In-Reply-To: <200806141802.m5EI27GF020260@dc.cis.okstate.edu>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: freebsd-questions@freebsd.org
Subject: Re: ssh Public Keys Suddenly Stopped working for one account.
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 14 Jun 2008 19:01:12 -0000

Martin McCormick wrote:
> 	We have an account on several FreeBSD systems that is
> used for  automation. Several systems can talk to each other via
> ssh by using public keys so that scripts don't have to hold
> passwords.
> 
> 	Last night, an account that has been working for years
> suddenly won't let any of its cyber cohorts in without a
> password.
> 
> 	I bet I accidentally changed something sometime, but I
> can't figure out what.
> 
> 	The public keys hadn't changed since 2005 although
> today, I blew them all away and made new ones which still don't
> work on this one system but work on all others.
> 
> 	There is no password expiration timeout (the first thing
> I thought of) since the account is several years old.
> 
> 	All other accounts on this same system with public keys
> from their remote partners still work fine.
> 
> 	The ownership and permissions look right on the account
> directory.
> 
> 	Does this sound familiar and what else am I missing?
> 
> 	I can telnet in to the account on the localhost via the
> usual password which you can't do on an expired account.
> 
> 	I even did a stupid sort of measure which was to reset
> the password to itself and that didn't change anything.
> 
> 	Many thanks for other suggestions.

cat /var/log/auth.log ?

--per