Difference between revisions of "~/.ssh/authorized keys"
Jump to navigation
Jump to search
(4 intermediate revisions by the same user not shown) | |||
Line 7: | Line 7: | ||
[[sshd_config]] | [[sshd_config]] | ||
− | #AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys | + | #[[AuthorizedKeysFile]] .ssh/authorized_keys .ssh/authorized_keys |
https://linux.die.net/man/5/sshd_config [[sshd_config]] | https://linux.die.net/man/5/sshd_config [[sshd_config]] | ||
Line 43: | Line 43: | ||
| "ssh-ed25519" | 32 byte public key | | "ssh-ed25519" | 32 byte public key | ||
− | == Errors | + | == Errors == |
[[sshd logs]] | [[sshd logs]] | ||
− | Apr 26 11:45:37 ip-10-10-10-10.eu-west-1.compute.internal sshd[18174]: Authentication refused: bad ownership or modes for file /home/your_user/.ssh/authorized_keys | + | Apr 26 11:45:37 ip-10-10-10-10.eu-west-1.compute.internal sshd[18174]: Authentication refused: [[bad ownership or modes for file]] /home/your_user/.ssh/authorized_keys |
− | |||
== Related terms == | == Related terms == | ||
Line 53: | Line 52: | ||
* <code>[[expiry-time]]</code> in [[OpenSSH 7.7]] ([[2018]]) | * <code>[[expiry-time]]</code> in [[OpenSSH 7.7]] ([[2018]]) | ||
* <code>[[ssh-import-id]]</code> | * <code>[[ssh-import-id]]</code> | ||
+ | * [[AuthenticationMethods]] | ||
+ | * <code>[[visudo]]</code> | ||
== See also == | == See also == |
Latest revision as of 14:56, 11 September 2023
touch ~/.ssh/authorized_keys && chmod og-r ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys or chmod ogw-r ~/.ssh/authorized_keys
chown
#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys
https://linux.die.net/man/5/sshd_config sshd_config
AUTHORIZED_KEYS FILE FORMAT AuthorizedKeysFile specifies the files containing public keys for public key authentication; if this option is not specified, the default is ~/.ssh/authorized_keys and ~/.ssh/authorized_keys2. Each line of the file contains one key (empty lines and lines starting with a ‘#’ are ignored as comments). Public keys consist of the following space-separated fields: options, keytype, base64-encoded key, comment. The options field is optional. The supported key types are:
[email protected] ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 [email protected] ssh-ed25519 ssh-dss ssh-rsa
The comment field is not used for anything (but may be convenient for the user to identify the key).
Contents
Example files[edit]
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEBiBqpWXhPTH9RIo9UR3ED9xUv6O/SqpWRn16UH/gHD TEXT@TEXT ssh-rsa .../...
Additional information about format key:
- https://serverfault.com/questions/526399/why-do-my-two-ssh-public-keys-have-the-same-beginning/526404
- https://tools.ietf.org/html/rfc4253
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQ... | "ssh-rsa" |exponent| modulus
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFKy... | "ssh-ed25519" | 32 byte public key
Errors[edit]
Apr 26 11:45:37 ip-10-10-10-10.eu-west-1.compute.internal sshd[18174]: Authentication refused: bad ownership or modes for file /home/your_user/.ssh/authorized_keys
Related terms[edit]
See also[edit]
- OpenSSH (changelog):
/etc/ssh/sshd_config
|/etc/ssh/ssh_config
|~/.ssh/
|openSSL | sshd logs
|sftp
|scp
|authorized_keys
|ssh-keygen
|ssh-keyscan
|ssh-add
|ssh-agent
|ssh
|Ssh -O stop
|ssh-copy-id
|CheckHostIP
|UseKeychain
, OpenSSF - SSH:
ssh
, TLS,.ppk, .pem, .crt, .pub
, ED25519, Key exchange method (KEX), public key, private key,ssh -Q kex
,IAMUserSSHKeys
,known_hosts
, ssh tunnel, Dropbear
Advertising: