SSH login for normal users using authorized keys

Pete Nesbitt pete at linux1.ca
Tue Nov 23 04:47:48 UTC 2004


On November 22, 2004 08:39 pm, Pete Nesbitt wrote:
> On November 22, 2004 08:10 pm, Harry Hoffman wrote:
> > Sorry, I'm a little late on this thread. But you have to login at least
> > once interactively before it will no longer ask for a password, right?
> >
> > Pete Nesbitt wrote:
> > > On November 22, 2004 06:04 am, Jithesh wrote:
> > >>Hi all,
> > >>
> > >>I was able to create successful login for the root account from a
> > >> remote client with the help of the public key and the authorized key.
> > >> But when I tried to do it for a normal account it still asks for the
> > >> password.
> > >>
> > >>Here is what I have done
> > >>1. Generated the public key in the client machine.
> > >>2. Copied the same into the server's normal user account's
> > >>~/.ssh/authorized_keys
> > >>3. Changed the permission to read only for the file authorized_keys
> > >>
> > >>I did the same thing for the root account and it worked but not or
> > >> other users.
> >
> > [snip... sorry Pete :-) ]
>
> I would think simply restarting the ssh daemon should do it so it reads the
> changes in the config about only using a key.
> --
> Pete Nesbitt, rhce


hmm, you mean the very first time when it asks about trusting the server. Yes, 
since that requires interaction, but it may also just present the dialog 
anyway (like if you use a pass-phrase with a key). Actually, if the key is in 
the users .ssh/authorized_keys file, no initial interaction should be 
required.

I'm thinking the real problem is more likely along the lines of the key not 
being 'forced' by using pam and/or sshd.conf to only allow key login from 
certain hosts.
-- 
Pete Nesbitt, rhce




More information about the redhat-list mailing list