RE: SSH login for normal users using authorized keys

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




> -----Original Message-----
> From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-
> bounces@xxxxxxxxxx] On Behalf Of SysAdmin
> Sent: Thursday, November 17, 2005 4:33 AM
> To: redhat-list@xxxxxxxxxx
> Subject: SSH login for normal users using authorized keys
> 
> Hi all,
> 
> I was able to create successful login for the root account from a remote
> client with the help of the public key and the authorized key. But when
> I tried to do it for a normal account it still asks for the password.
> 
> Here is what I have done
> 1. Generated the public key in the client machine.
> /2. Copied the same into the server's normal user account's
> ~/.ssh/authorized_keys
>  3. Changed the permission to read only for the file authorized_keys
> 
> I did the same thing for the root account and it worked but not or other
> users.
> 
> Thanking You.
> 
> Regards
> 
> Sachin Khollam
> 

Check the permissions on the user's .ssh directory, as well.  They should
only be writeable by the owner (which should be the user in question).

If they are not, sshd will disregard public key authentication and will
prompt for a password if PasswordAuthentication is set to yes.

If this is the issue, the reason you did not see this same problem for root
is that your root umask is set to 0022 and a normal user umask is set to
0002.  Meaning, for root, by default, only the owner has write privileges on
a newly-created directory.

If you just want to authenticate using public/private key pairs, set the
following:

PasswordAuthentication no
ChallengeResponseAuthentication no

Hope this helps,
Michael

-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]


  Powered by Linux