Find the answer to your Linux question:
Results 1 to 3 of 3
Hi, I'm running Debian etch on my fileserver. I have SSH running and configured for public key authentication and passwords disabled. What I want is to be authenticated via keys ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Feb 2008
    Posts
    5

    Need help with SSH


    Hi,

    I'm running Debian etch on my fileserver. I have SSH running and configured for public key authentication and passwords disabled. What I want is to be authenticated via keys and not have to enter the user password. The problem is that it allows me to log in as any user. As long as the key exists in /etc/ssh/authorized_keys, it will allow the connection and as any user specified.

    Obviously I've messed something up. But I've gone over the faqs and docs and I'm missing where it talks about how to tie specific keys to specific users. It should see by the key I provide that it is only valid for my user account. When my friend uses his key, it should see that it is only valid for his user account. How do I configure it in that way?

    Thanks!

  2. #2
    Just Joined!
    Join Date
    Feb 2008
    Posts
    5
    OK, I think I may have solved my own problem.

    I edited /etc/ssh/sshd_config and noticed that I had AuthorizedKeysFile set to /etc/ssh/authorized_keys. I changed it to .ssh/authorized_keys

    Then I put my public key into my .ssh/authorized_keys, and put my friend's into his .ssh/authorized_keys.

    I have tested it and I can log in as me, but not as him. So this seems to work. I'm not missing anything am I?

  3. #3
    Linux Enthusiast
    Join Date
    Aug 2006
    Location
    Portsmouth, UK
    Posts
    539
    Nope, that just about sums it up.

    strict mode on is also a good thing to set. ssh then requires strict permissions on your home and .ssh directory.

    What was happening before was:
    ssh was validating the user
    then it was looking for a valid key to the server

    It doesn't match a key to a user per-se so any matching pair can login.
    RHCE #100-015-395
    Please don't PM me with questions as no reply may offend, that's what the forums are for.

  4. $spacer_open
    $spacer_close

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •