Displaying 20 results from an estimated 10000 matches similar to: "there should be an authorized_keys(5) man page"
2006 Jan 19
3
ownership of authorized_keys
Hi,
I would like to make it impossible for users to change the
contents of the authorized_keys-file.
I just found out about the sshd_config setting:
AuthorizedKeysFile /etc/ssh/authorized_keys/%u
But even in that case that file has to be owned by the user,
unless I set ``StrictModes no'' which would allow other
nastyness. I would like to request that that file could also be
owned by
2010 Mar 03
1
cert-authority and authorized_keys file
Hi,
I noticed that in regress/cert-userkey.sh the signing key is added to
the authorized_keys file with the tag "cert-authority" whereas in
sshd(8) the tag is documented as "from=cert-authority." Since the former
seems to work, I assume the latter is a typo.
While on the subject of typos (which I have been known to make more than
my fair share of) I noticed the phrase
2010 Apr 02
2
AuthorizedKeysFile with default value prevents Public/Private key authentication
Hi All,
I noticed that if I put:
AuthorizedKeysFile .ssh/authorized_keys in my sshd_config file,
pub/priv key authentication no longer worked.
I am using OpenSSH_5.4p1, OpenSSL 0.9.8n 24 Mar 2010
on Archlinux.
Sam
****************** Here is my WORKING config ******************
Port 22
ListenAddress 0.0.0.0
Protocol 2
PermitRootLogin no
PubkeyAuthentication yes
#AuthorizedKeysFile
2008 Jul 15
2
Risk of StrictMode (but read only)
Is there a risk associated with having authorized_keys files set to readable but "StrictMode no"?
I am thinking particularly in the case of having public keys all centralized in a directory in /etc or something.
Is it really a potential hack vector if someone can read a public key, or is the only real danger if they were writable?
---
Don Hoover
dxh at yahoo.com
2008 Dec 19
4
only root without password
Hi all,
I have a very strange problem with the public key authentication with 2
machines.
I generated the key, configured the authorized_keys etc.. etc.. This is
all ok, now:
The ssh works without the password for the "root" user, any other user
cannot use the key and ssh ask me for the password !!
I cannot understand why only the root is able to connect without the
password. So, the ssh
2009 Jun 05
2
ssh trouble checklist
Hi.
There should be a checklist of everything that can go wrong with
making an ssh connection.
Here's one entry for the list, which I didn't know before, and
* I couldn't see the problem from the -ddd and -vvv output, and
* there were no /var/log/* file entries to give hints.
Here's what I did
sudo kill <pid-of-sshd>
/usr/sbin/sshd
No good.
Usually I did kill
2011 Nov 03
1
Help with CA Certificates for user authentication?
As background, I read:
http://therowes.net/~greg/2011/03/23/ssh-trusted-ca-key/
http://www.ibm.com/developerworks/aix/library/au-sshsecurity/
http://bryanhinton.com/blog/openssh-security
http://www.linuxhowtos.org/manpages/5/sshd_config.htm
2010 Jun 07
3
X509 based certificate authentication in OpenSSH
Hello,
I would like to know whether OpenSSH supports x509 certificate based
authentication.
It looks like OpenSSH has dependency on OpenSSL so does this mean that
OpeSSH also supports x509 certificate based authentication.
If it does support, can you please point me to the necessary
documentation.
Thanks
Naitik
2010 Mar 01
2
[Bug 1720] New: would be nice if authorized_keys(5) existed
https://bugzilla.mindrot.org/show_bug.cgi?id=1720
Summary: would be nice if authorized_keys(5) existed
Product: Portable OpenSSH
Version: 5.3p1
Platform: Other
URL: http://bugs.debian.org/441817
OS/Version: Linux
Status: NEW
Severity: enhancement
Priority: P2
Component: Documentation
2011 Nov 27
3
Server moved
Hi,
The server move was completed over the weekend. Please let me know if
anything is broken.
-d
2004 Mar 10
1
MAN pages: authorized_keys
Howdy,
I would like to suggest a change in the ssh documentation for the
use of authorized_keys. The man page states:
This file is not highly sensitive, but the recommended permissions are
read/write for the user, and not accessible by others.
I'm may be knit picking, but it could be read that, while not
recommended, it is possible to allow access to the authorized_keys file
to other
2012 Feb 12
2
Key auth question
I have a problem getting key authentication to work with one remote user
(git), even though it works fine for the remote user "root". The remote
file .ssh/authorized_keys is identical for both users - I cp'ed it from
the root account to the git home dir.
On local machine (OS X, by the way) I have:
$ cd
$ ls -l .ssh
-rw------- 1 jussihirvi staff 668 Aug 24 16:13 id_rsa
(the
2013 Jan 14
4
AuthorizedKeysCommand
Hi there,
We could set AuthorizedKeysCommand script, this will allow only to replace
authorized_keys file with keys stored in a database... But why this command
is so limited?
Why i can't just set a command script which will get a username and public
key as arguments and let him do it's own authorization??
I think this will allow for much more powerful tricks. For example do to an
2007 Jun 05
9
[Bug 1319] New: ssh-keygen does not properly handle multiple keys
http://bugzilla.mindrot.org/show_bug.cgi?id=1319
Summary: ssh-keygen does not properly handle multiple keys
Product: Portable OpenSSH
Version: 4.5p1
Platform: Other
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: ssh-keygen
AssignedTo: bitbucket at mindrot.org
2013 Mar 22
4
Announce: OpenSSH 6.2 released
Changes since OpenSSH 6.1
=========================
This release introduces a number of new features:
Features:
* ssh(1)/sshd(8): Added support for AES-GCM authenticated encryption in
SSH protocol 2. The new cipher is available as aes128-gcm at openssh.com
and aes256-gcm at openssh.com. It uses an identical packet format to the
AES-GCM mode specified in RFC 5647, but uses simpler and
2015 Apr 22
2
shared private key
Hi SSH-devs,
This may be a bit off topic for this list, but....
Would it be ok to share a private key in an installer script so long
as the corresponding public key is setup like this...
command="cat ~/.ssh/id_rsa.pub" ssh-rsa AAAA...
I'm looking for a secure way to get a user to share their public key
through SSH which can be invoked from an installer on another
host...for
2010 Dec 31
2
happy new years ssh key problem :)
Hi List,
Happy New Years and I was hoping to get some help on an ssh issue
that I am having. For some reason I am unable to scp to hosts on this
network using RSA keys. Here is what I am doing/what is going on;
scp the public key to remote host
[amandabackup at VIRTCENT18 ~]$ scp ~/.ssh/id_rsa_amdump.pub amandabackup at lb1:~
amandabackup at lb1's password:
id_rsa_amdump.pub
2015 Jan 21
4
way to set shell used for remote commands?
On Wed, Jan 21, 2015 at 17:29:00 +0000, Alex Bligh wrote:
>
> On 21 Jan 2015, at 15:36, Jason Vas Dias <jason.vas.dias at gmail.com> wrote:
>
> > Please can OpenSSH provide some way of specifying which shell to use to
> > execute commands on a host.
>
> Using dash as an example of another shell:
>
> ssh 127.0.0.1 -t dash
>
> and
>
>
2015 Jan 15
4
OpenSSH v6.7 & NumberOfPasswordPrompts Option ...
Greetings,
I discovered an issue in the latest version of SSH, where the number of password prompts are doubled. If I specify 1, I get 2, and so on.
Best regards,
Trey Henefield, CISSP
Senior IAVA Engineer
Ultra Electronics
Advanced Tactical Systems, Inc.
4101 Smith School Road
Building IV, Suite 100
Austin, TX 78744 USA
Trey.Henefield at ultra-ats.com
Tel: +1 512 327 6795 ext. 647
Fax: +1
2010 May 26
2
hostbase authentication of hostcertificate
Dear All,
I am trying to use the hostcertificate to do the hostbaed authentication with the steps in the regress/cert-hostkey.sh
But it seems that it can not login with the hostcertificate.:
Here is debug message from the ssh client :
ssh -2 -oUserKnownHostsFile=/opt/ssh/etc/known_hosts-cert \
> -oGlobalKnownHostsFile=/opt/ssh/etc/known_hosts-cert sshia3 -p 1111 -vvv
debug1: checking