Difference between revisions of "~/.ssh/authorized keys"

From wikieduonline
 
(14 intermediate revisions by the same user not shown)
Line 1: Line 1:
<code>[[touch]] ~/[[.ssh]]/authorized_keys && [[chmod]] og-r ~/.ssh/authorized_keys</code>
+
* <code>[[touch]] ~/[[.ssh]]/authorized_keys && [[chmod]] og-r ~/.ssh/authorized_keys</code>
 +
* <code>[[chmod]] 600 ~/[[.ssh]]/authorized_keys or chmod ogw-r ~/.ssh/authorized_keys</code>
  
  [[chmod]] 600 ~/[[.ssh]]/authorized_keys
+
  [[chown]]  
  
[[chown]]
 
 
 
 
* [[Configure OpenSSH to allow Public-key authentication]]
 
* [[Configure OpenSSH to allow Public-key authentication]]
  
 +
[[sshd_config]]
 +
#[[AuthorizedKeysFile]] .ssh/authorized_keys .ssh/authorized_keys
 +
 +
https://linux.die.net/man/5/sshd_config [[sshd_config]]
  
https://linux.die.net/man/5/sshd_config
 
 
  AUTHORIZED_KEYS FILE FORMAT
 
  AUTHORIZED_KEYS FILE FORMAT
 
     AuthorizedKeysFile specifies the files containing public keys for public key authentication; if this option is not specified, the default is ~/.ssh/authorized_keys and
 
     AuthorizedKeysFile specifies the files containing public keys for public key authentication; if this option is not specified, the default is ~/.ssh/authorized_keys and
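Review bot: "chmod ogw-r" in the added second bullet is not a valid symbolic mode, because w is a permission and cannot appear among the o/g classes before the operator; write "chmod og-rw" or keep only "chmod 600". The added #AuthorizedKeysFile line also lists .ssh/authorized_keys twice, while the man page excerpt on this page gives the defaults as ~/.ssh/authorized_keys and ~/.ssh/authorized_keys2.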
Line 41: Line 43:
 
           |  "ssh-ed25519"  |  32 byte public key
 
           |  "ssh-ed25519"  |  32 byte public key
  
 +
== Errors ==
 +
 +
[[sshd logs]]
 +
Apr 26 11:45:37 ip-10-10-10-10.eu-west-1.compute.internal sshd[18174]: Authentication refused: [[bad ownership or modes for file]] /home/your_user/.ssh/authorized_keys
  
 
== Related terms ==
 
== Related terms ==
 
* [[sftp configuration]]
 
* [[sftp configuration]]
 +
* <code>[[expiry-time]]</code> in [[OpenSSH 7.7]] ([[2018]])
 +
* <code>[[ssh-import-id]]</code>
 +
* [[AuthenticationMethods]]
 +
* <code>[[visudo]]</code>
  
 
== See also ==
 
== See also ==
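Review bot: the new Errors section gives the sshd log line but no remedy, so a reader who arrives from the "bad ownership or modes for file" link has to scroll back up to find the fix. Add a line under the log entry that points to the chmod 600 and chown commands at the top of the page.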

Latest revision as of 14:56, 11 September 2023

  • touch ~/.ssh/authorized_keys && chmod og-r ~/.ssh/authorized_keys
  • chmod 600 ~/.ssh/authorized_keys or chmod og-rw ~/.ssh/authorized_keys
chown 

sshd_config

#AuthorizedKeysFile	.ssh/authorized_keys .ssh/authorized_keys2

https://linux.die.net/man/5/sshd_config sshd_config

AUTHORIZED_KEYS FILE FORMAT
    AuthorizedKeysFile specifies the files containing public keys for public key authentication; if this option is not specified, the default is ~/.ssh/authorized_keys and
    ~/.ssh/authorized_keys2.  Each line of the file contains one key (empty lines and lines starting with a ‘#’ are ignored as comments).  Public keys consist of the following
    space-separated fields: options, keytype, base64-encoded key, comment.  The options field is optional.  The supported key types are:
          sk-ecdsa-sha2-nistp256@openssh.com
          ecdsa-sha2-nistp256
          ecdsa-sha2-nistp384
          ecdsa-sha2-nistp521
          sk-ssh-ed25519@openssh.com
          ssh-ed25519
          ssh-dss
          ssh-rsa
    The comment field is not used for anything (but may be convenient for the user to identify the key).

Example files

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEBiBqpWXhPTH9RIo9UR3ED9xUv6O/SqpWRn16UH/gHD TEXT@TEXT
ssh-rsa .../...


Additional information about the key format:

https://serverfault.com/questions/526399/why-do-my-two-ssh-public-keys-have-the-same-beginning/526404
https://tools.ietf.org/html/rfc4253
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQ...
      |  "ssh-rsa"   |exponent|   modulus
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFKy...
          |   "ssh-ed25519"   |   32 byte public key

Errors

sshd logs

Apr 26 11:45:37 ip-10-10-10-10.eu-west-1.compute.internal sshd[18174]: Authentication refused: bad ownership or modes for file /home/your_user/.ssh/authorized_keys
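
The check behind this log message, as an added example (not from the original page or from OpenSSH): with StrictModes enabled, the sshd_config default, sshd refuses the key file when it, ~/.ssh or the home directory is writable by group or others, or is owned by someone other than the user or root. The names check_ssh_modes and demo_home and the temporary demo tree are made up for illustration.

```shell
#!/bin/sh
# Added example: report paths that fail the owner/mode test behind
# "bad ownership or modes". Assumption: sshd runs with StrictModes yes.

# check_ssh_modes USER HOME -> prints offending paths, returns 1 if any.
check_ssh_modes() {
    user=$1 home=$2 bad=0
    for p in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        [ -e "$p" ] || continue
        # Writable by group or others (mode & 022 != 0).
        if [ -n "$(find "$p" -prune \( -perm -020 -o -perm -002 \))" ]; then
            echo "group/other-writable: $p"; bad=1
        fi
        # Owned by someone other than the user or root (uid 0).
        if [ -n "$(find "$p" -prune ! -user "$user" ! -user 0)" ]; then
            echo "wrong owner: $p"; bad=1
        fi
    done
    return "$bad"
}

# Constructed demo tree: a key file created under umask 002 (mode 664).
demo_home() {
    d=$(mktemp -d) && mkdir "$d/.ssh" && chmod 700 "$d" "$d/.ssh"
    (umask 002; : > "$d/.ssh/authorized_keys")
    echo "$d"
}

h=$(demo_home)
chmod og-r "$h/.ssh/authorized_keys"      # 664 -> 620, still group-writable
check_ssh_modes "$(id -u)" "$h" || echo "og-r alone is not enough"
chmod 600 "$h/.ssh/authorized_keys"       # read/write for the owner only
check_ssh_modes "$(id -u)" "$h" && echo "modes OK after chmod 600"
rm -rf "$h"
```

On a real host, call it as root with the account's login name and home directory, for example check_ssh_modes your_user /home/your_user.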

Related terms

See also
