Difference between revisions of "~/.ssh/authorized keys"
Jump to navigation
Jump to search
(13 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | <code>[[touch]] ~/[[.ssh]]/authorized_keys && [[chmod]] og-r ~/.ssh/authorized_keys</code> | + | * <code>[[touch]] ~/[[.ssh]]/authorized_keys && [[chmod]] og-r ~/.ssh/authorized_keys</code> |
+ | * <code>[[chmod]] 600 ~/[[.ssh]]/authorized_keys or chmod ogw-r ~/.ssh/authorized_keys</code> | ||
− | [[ | + | [[chown]] |
− | |||
− | |||
* [[Configure OpenSSH to allow Public-key authentication]] | * [[Configure OpenSSH to allow Public-key authentication]] | ||
+ | [[sshd_config]] | ||
+ | #[[AuthorizedKeysFile]] .ssh/authorized_keys .ssh/authorized_keys | ||
+ | |||
+ | https://linux.die.net/man/5/sshd_config [[sshd_config]] | ||
− | |||
AUTHORIZED_KEYS FILE FORMAT | AUTHORIZED_KEYS FILE FORMAT | ||
AuthorizedKeysFile specifies the files containing public keys for public key authentication; if this option is not specified, the default is ~/.ssh/authorized_keys and | AuthorizedKeysFile specifies the files containing public keys for public key authentication; if this option is not specified, the default is ~/.ssh/authorized_keys and | ||
Line 41: | Line 43: | ||
| "ssh-ed25519" | 32 byte public key | | "ssh-ed25519" | 32 byte public key | ||
+ | == Errors == | ||
+ | |||
+ | [[sshd logs]] | ||
+ | Apr 26 11:45:37 ip-10-10-10-10.eu-west-1.compute.internal sshd[18174]: Authentication refused: [[bad ownership or modes for file]] /home/your_user/.ssh/authorized_keys | ||
== Related terms == | == Related terms == | ||
* [[sftp configuration]] | * [[sftp configuration]] | ||
+ | * <code>[[expiry-time]]</code> in [[OpenSSH 7.7]] ([[2018]]) | ||
+ | * <code>[[ssh-import-id]]</code> | ||
+ | * [[AuthenticationMethods]] | ||
+ | * <code>[[visudo]]</code> | ||
== See also == | == See also == |
Latest revision as of 14:56, 11 September 2023
touch ~/.ssh/authorized_keys && chmod og-r ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys or chmod ogw-r ~/.ssh/authorized_keys
chown
#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys
https://linux.die.net/man/5/sshd_config sshd_config
AUTHORIZED_KEYS FILE FORMAT AuthorizedKeysFile specifies the files containing public keys for public key authentication; if this option is not specified, the default is ~/.ssh/authorized_keys and ~/.ssh/authorized_keys2. Each line of the file contains one key (empty lines and lines starting with a ‘#’ are ignored as comments). Public keys consist of the following space-separated fields: options, keytype, base64-encoded key, comment. The options field is optional. The supported key types are:
[email protected] ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 [email protected] ssh-ed25519 ssh-dss ssh-rsa
The comment field is not used for anything (but may be convenient for the user to identify the key).
Contents
Example files[edit]
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEBiBqpWXhPTH9RIo9UR3ED9xUv6O/SqpWRn16UH/gHD TEXT@TEXT ssh-rsa .../...
Additional information about format key:
- https://serverfault.com/questions/526399/why-do-my-two-ssh-public-keys-have-the-same-beginning/526404
- https://tools.ietf.org/html/rfc4253
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQ... | "ssh-rsa" |exponent| modulus
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFKy... | "ssh-ed25519" | 32 byte public key
Errors[edit]
Apr 26 11:45:37 ip-10-10-10-10.eu-west-1.compute.internal sshd[18174]: Authentication refused: bad ownership or modes for file /home/your_user/.ssh/authorized_keys
Related terms[edit]
See also[edit]
- OpenSSH (changelog):
/etc/ssh/sshd_config
|/etc/ssh/ssh_config
|~/.ssh/
|openSSL | sshd logs
|sftp
|scp
|authorized_keys
|ssh-keygen
|ssh-keyscan
|ssh-add
|ssh-agent
|ssh
|Ssh -O stop
|ssh-copy-id
|CheckHostIP
|UseKeychain
, OpenSSF - SSH:
ssh
, TLS,.ppk, .pem, .crt, .pub
, ED25519, Key exchange method (KEX), public key, private key,ssh -Q kex
,IAMUserSSHKeys
,known_hosts
, ssh tunnel, Dropbear
Advertising: