SSH2 question?

VeeJay maanjee at
Sat Jan 20 16:53:17 UTC 2007


But I am not running any FTP server..... user is getting login by

would i have to change the user's login configruation or what?



On 1/20/07, Matthew Seaman <m.seaman at> wrote:
> VeeJay wrote:
> > Hello
> >
> > I have two questions, please comment...
> >
> > 1. Can one user have more than one public_keys i.e. multiple
> public_keys?
> Yes.
> > If yes to above, would all be stored at users path like
> /home/username/.ssh
> That would be the usual way of doing things, but there is no restriction
> on where you can put keys, other than the requirement that the location
> is sufficiently well secured that keys cannot be modified by anyone other
> than the owner or root.
> Note that ssh will by default look for private keys in ${HOME}/.ssh/id_dsa
> and ${HOME}/.ssh/id_rsa -- if you keep private keys in other files,
> you'll need to tell ssh that by using the '-I' flag on the command line
> *public* keys are different.  Public keys and the authorized_keys
> file must be stored relative to the home directory of the account they
> are being used to access.  Well, you generally keep a copy of the public
> key with the corresponding private key for reference -- unless it is
> in the authorized_keys file it doesn't have any effect.  The restrictions
> on who can modify the authorized_keys file are strict.
> > If yes, to above, would all public keys be written at the same line
> > for option in ssh_config file "AuthorizedKeysFile"?
> You can certainly add as many public keys as you want to an authorized
> keys file.  Basically that says that the owner of the public key
> corresponding to one of those public keys is permitted to log into that
> account.
> > AuthorizedKeysFile      .ssh/user_authorized_keys
> Note that this location is relative to the home directory of the account
> that is being logged into.  The assumption is that each userid has a
> separate home directory.  If you made a number of accounts and had them
> all share the same home directory, then the authorized keys file would
> permit login to any of the accounts using that home directory (assuming
> you could satisfy sshd's requirements about filesystem permissions)
> > 2. What about other users who also have SSH account, How to indentify in
> > ssh_config file that which public_key belongs to which user?
> You wouldn't use the ssh_config file for that.  There's a comment field
> at the end of a SSH public key which you can set to whatever value you
> want.  ssh-keygen defaults to username at hostname, but you can just edit
> the file and change it to whatever you want, so long as it is all on one
> line.
>        Cheers,
>        Matthew
> --
> Dr Matthew J Seaman MA, D.Phil.                       7 Priory Courtyard
>                                                      Flat 3
> PGP:         Ramsgate
>                                                      Kent, CT11 9PW


BR / vj

More information about the freebsd-questions mailing list