Difference between revisions of "~/.ssh/authorized keys"
Jump to navigation
Jump to search
Tags: Mobile web edit, Mobile edit |
|||
| (35 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| + | * <code>[[touch]] ~/[[.ssh]]/authorized_keys && [[chmod]] og-r ~/.ssh/authorized_keys</code> | ||
| + | * <code>[[chmod]] 600 ~/[[.ssh]]/authorized_keys or chmod ogw-r ~/.ssh/authorized_keys</code> | ||
| + | |||
| + | [[chown]] | ||
| + | |||
* [[Configure OpenSSH to allow Public-key authentication]] | * [[Configure OpenSSH to allow Public-key authentication]] | ||
| + | [[sshd_config]] | ||
| + | #[[AuthorizedKeysFile]] .ssh/authorized_keys .ssh/authorized_keys | ||
| + | |||
| + | https://linux.die.net/man/5/sshd_config [[sshd_config]] | ||
| − | + | AUTHORIZED_KEYS FILE FORMAT | |
| − | AUTHORIZED_KEYS FILE FORMAT | ||
AuthorizedKeysFile specifies the files containing public keys for public key authentication; if this option is not specified, the default is ~/.ssh/authorized_keys and | AuthorizedKeysFile specifies the files containing public keys for public key authentication; if this option is not specified, the default is ~/.ssh/authorized_keys and | ||
~/.ssh/authorized_keys2. Each line of the file contains one key (empty lines and lines starting with a ‘#’ are ignored as comments). Public keys consist of the following | ~/.ssh/authorized_keys2. Each line of the file contains one key (empty lines and lines starting with a ‘#’ are ignored as comments). Public keys consist of the following | ||
| − | space-separated fields: options, keytype, base64-encoded key, comment. The options field is optional. The supported key types are: | + | space-separated fields: options, keytype, [[base64]]-encoded key, comment. The options field is optional. The supported key |
| + | types are: | ||
| Line 13: | Line 22: | ||
ecdsa-sha2-nistp521 | ecdsa-sha2-nistp521 | ||
| − | ssh-ed25519 | + | ssh-[[ed25519]] |
ssh-dss | ssh-dss | ||
ssh-rsa | ssh-rsa | ||
The comment field is not used for anything (but may be convenient for the user to identify the key). | The comment field is not used for anything (but may be convenient for the user to identify the key). | ||
| − | </ | + | |
| + | == Example files == | ||
| + | [[ssh-ed25519]] AAAAC3NzaC1lZDI1NTE5AAAAIEBiBqpWXhPTH9RIo9UR3ED9xUv6O/SqpWRn16UH/gHD TEXT@TEXT | ||
| + | [[ssh-rsa]] .../... | ||
| + | |||
| + | |||
| + | Additional information about format key: | ||
| + | |||
| + | :https://serverfault.com/questions/526399/why-do-my-two-ssh-public-keys-have-the-same-beginning/526404 | ||
| + | :https://tools.ietf.org/html/rfc4253 | ||
| + | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQ... | ||
| + | | "ssh-rsa" |exponent| modulus | ||
| + | |||
| + | ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFKy... | ||
| + | | "ssh-ed25519" | 32 byte public key | ||
| + | |||
| + | == Errors == | ||
| + | |||
| + | [[sshd logs]] | ||
| + | Apr 26 11:45:37 ip-10-10-10-10.eu-west-1.compute.internal sshd[18174]: Authentication refused: [[bad ownership or modes for file]] /home/your_user/.ssh/authorized_keys | ||
| + | |||
| + | == Related terms == | ||
| + | * [[sftp configuration]] | ||
| + | * <code>[[expiry-time]]</code> in [[OpenSSH 7.7]] ([[2018]]) | ||
| + | * <code>[[ssh-import-id]]</code> | ||
| + | * [[AuthenticationMethods]] | ||
| + | * <code>[[visudo]]</code> | ||
== See also == | == See also == | ||
Latest revision as of 14:56, 11 September 2023
touch ~/.ssh/authorized_keys && chmod og-r ~/.ssh/authorized_keyschmod 600 ~/.ssh/authorized_keys or chmod ogw-r ~/.ssh/authorized_keys
chown
#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys
https://linux.die.net/man/5/sshd_config sshd_config
AUTHORIZED_KEYS FILE FORMAT
AuthorizedKeysFile specifies the files containing public keys for public key authentication; if this option is not specified, the default is ~/.ssh/authorized_keys and
~/.ssh/authorized_keys2. Each line of the file contains one key (empty lines and lines starting with a ‘#’ are ignored as comments). Public keys consist of the following
space-separated fields: options, keytype, base64-encoded key, comment. The options field is optional. The supported key
types are:
[email protected] ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 [email protected] ssh-ed25519 ssh-dss ssh-rsa
The comment field is not used for anything (but may be convenient for the user to identify the key).
Contents
Example files[edit]
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEBiBqpWXhPTH9RIo9UR3ED9xUv6O/SqpWRn16UH/gHD TEXT@TEXT ssh-rsa .../...
Additional information about format key:
- https://serverfault.com/questions/526399/why-do-my-two-ssh-public-keys-have-the-same-beginning/526404
- https://tools.ietf.org/html/rfc4253
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQ...
| "ssh-rsa" |exponent| modulus
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFKy...
| "ssh-ed25519" | 32 byte public key
Errors[edit]
Apr 26 11:45:37 ip-10-10-10-10.eu-west-1.compute.internal sshd[18174]: Authentication refused: bad ownership or modes for file /home/your_user/.ssh/authorized_keys
Related terms[edit]
See also[edit]
- OpenSSH (changelog):
/etc/ssh/sshd_config|/etc/ssh/ssh_config|~/.ssh/|openSSL | sshd logs|sftp|scp|authorized_keys|ssh-keygen|ssh-keyscan|ssh-add|ssh-agent|ssh|Ssh -O stop|ssh-copy-id|CheckHostIP|UseKeychain, OpenSSF - SSH:
ssh, TLS,.ppk, .pem, .crt, .pub, ED25519, Key exchange method (KEX), public key, private key,ssh -Q kex,IAMUserSSHKeys,known_hosts, ssh tunnel, Dropbear
Advertising:
