Re: Non-interactive SSH Login.

• Previous message: Bill Unruh: "Re: Public key authentication between open-ssh and ssh2"
• In reply to: ColoC: "Re: Non-interactive SSH Login."
• Next in thread: ColoC: "Re: Non-interactive SSH Login."
• Reply: ColoC: "Re: Non-interactive SSH Login."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Alex" <alex.ferguson@NOSPAMdartmouth.edu>
Date: Thu, 24 Apr 2003 11:15:20 -0400

On 24 Apr 2003 04:48:43 -0700
colocoloc@yahoo.com (ColoC) wrote:
> The "authorized_keys" file seems to be the point. However now my
> questions are:
>
> -- Should the "authorized_keys" file always have the same content as
> that in the file "id_rsa.pub"? If so, why do I have to copy the file
> to another name, while the file "id_rsa.pub" is readable to everyone?
>
> -- If I have a ftp-only account (I don't even have a home directory,
> can not even login the system via ssh -- only sftp or ftp is allowed),
> how can I make my configurations as above? Do I have to seek for help
> from the root? What if he can't build a commonly-shared
> non-interactive configuration for that ftp-only user?
>
> ColoC

The authorized_keys file can contain several public keys. For example, you might have different private keys on a couple of computers and wish to log in to the ssh account from any of them. Just append each public key to authorized_keys. You don't need to keep id_rsa.pub on the remote host; sshd only looks at authorized_keys.

In general sftp respects the ~/.ssh/authorized_keys file just as ssh does (because sftp is ssh under the hood). If you don't have write access to your home directory, then you will need help from your sysadmin.

--Alex

-- 
PGP/GPG key id 848C80EF available at wwwkeys.pgp.net

• Previous message: Bill Unruh: "Re: Public key authentication between open-ssh and ssh2"
• In reply to: ColoC: "Re: Non-interactive SSH Login."
• Next in thread: ColoC: "Re: Non-interactive SSH Login."
• Reply: ColoC: "Re: Non-interactive SSH Login."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages RE: Linux hacked ... Also, what exactly did the history file show, can you paste it into a mail ... > First let me say I'm a security novice. ... > been unsuccessful in getting root back. ... > via ssh but you could su in once logged in as one of three users. ... (Security-Basics) Re: Linux hacked ... To find out what kernel version you are running, type "uname -a" without ... > been unsuccessful in getting root back. ... > via ssh but you could su in once logged in as one of three users. ... (Security-Basics) Re: X11Forwarding, ssh -X, and /bin/su ... ]>but I'm not really tunneled using ssh then, ... ]connecting to the X server and have the home directory NFS-mounted ... ](unless you leave root unmapped over NFS, ... ]root-readable place and set the environment $XAUTHORITY variable ... (comp.security.ssh) RE: Linux hacked ... hack the box, pull the drive and save it. ... Use the newest versions of Gentoo, Apache, SSH, PHP and Squirl Mail. ... been unsuccessful in getting root back. ... I found a hidden directory /var/tmp/.tmp that has a bunch of directories ... (Security-Basics) RE: Linux hacked ... Was any of the sites running a php nuke or another portal or system that is vuln ... been able to use that with a locla root exploit to gain root on the machine. ... > hack the box, pull the drive and save it. ... > Use the newest versions of Gentoo, Apache, SSH, PHP and Squirl Mail. ... (Security-Basics)