RE: SSH login for normal users using authorized keys

• Previous message: Manuel Arostegui Ramirez: "Re: SSH login for normal users using authorized keys"
• In reply to: SysAdmin: "SSH login for normal users using authorized keys"
• Next in thread: Magnus Andersen: "Re: SSH login for normal users using authorized keys"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To: "'General Red Hat Linux discussion list'" <redhat-list@redhat.com>
Date: Thu, 17 Nov 2005 05:33:37 -0500

> -----Original Message-----
> From: redhat-list-bounces@redhat.com [mailto:redhat-list-
> bounces@redhat.com] On Behalf Of SysAdmin
> Sent: Thursday, November 17, 2005 4:33 AM
> To: redhat-list@redhat.com
> Subject: SSH login for normal users using authorized keys
>
> Hi all,
>
> I was able to create successful login for the root account from a remote
> client with the help of the public key and the authorized key. But when
> I tried to do it for a normal account it still asks for the password.
>
> Here is what I have done
> 1. Generated the public key in the client machine.
> /2. Copied the same into the server's normal user account's
> ~/.ssh/authorized_keys
> 3. Changed the permission to read only for the file authorized_keys
>
> I did the same thing for the root account and it worked but not or other
> users.
>
> Thanking You.
>
> Regards
>
> Sachin Khollam
>

Check the permissions on the user's .ssh directory, as well. They should
only be writeable by the owner (which should be the user in question).

If they are not, sshd will disregard public key authentication and will
prompt for a password if PasswordAuthentication is set to yes.

If this is the issue, the reason you did not see this same problem for root
is that your root umask is set to 0022 and a normal user umask is set to
0002. Meaning, for root, by default, only the owner has write privileges on
a newly-created directory.

If you just want to authenticate using public/private key pairs, set the
following:

PasswordAuthentication no
ChallengeResponseAuthentication no

Hope this helps,
Michael

-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

• Previous message: Manuel Arostegui Ramirez: "Re: SSH login for normal users using authorized keys"
• In reply to: SysAdmin: "SSH login for normal users using authorized keys"
• Next in thread: Magnus Andersen: "Re: SSH login for normal users using authorized keys"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages Re: user privledges ... > redhat 7.2 i created a user account for myself to use on a daily basis. ... > fare i have just been su - and entering the root pass. ... it started but would not install because i did ... sofware to /opt/musicmatch as a normal user. ... (comp.security.unix) Re: jail() House Rock ... Think carefully about exactly what kind of privileges your clients get. ... normal user account on the main server, and root inside the jail. ... (FreeBSD-Security) Re: [SLE] Firefox, fixed and broken again.... :-( ... >> through KDE as root but not as a normal user. ... But if it works for root, not for user, I ... I opened Firefox it opened fine. ... I then tried opening Firefox again - remember it ... (SuSE) Re: GUI login screen. ... Well i think the best solution to get around this is to setup a normal user account... ... then edit the /etc/passwd file and set that person with root permissions so as soon as they login theyre automatically made root. ... (Debian-User) Re: startx Fatal server error: Cannot open /dev/tty0 ... > startx fails under your normal user login but starts normally under your ... the question become why root user ... can init the video device, ... (alt.os.linux.suse)