OT: My ssh authorized_keys doesn't work with nfs/nis
Aryeh Friedman
aryeh.friedman at gmail.com
Sat Sep 14 11:36:39 UTC 2019
On Sat, Sep 14, 2019 at 7:21 AM Polytropon <freebsd at edvax.de> wrote:
> On Sat, 14 Sep 2019 07:09:17 -0400, Aryeh Friedman wrote:
> > I am using the default out of the box /etc/sshd_config for 11 and 12 that
> > has only two uncommented out configs:
> >
> > AuthorizedKeysFile .ssh/authorized_keys
> > Subsystem sftp /usr/libexec/sftp-server
> >
> > So unless I am reading the first one completely wrong then it uses
> > ~user/.ssh/authorized_keys which is what the ls above is of.
>
> From "man 5 sshd_config":
>
> AuthorizedKeysFile
> Specifies the file that contains the public keys that can be
> used
> for user authentication. AuthorizedKeysFile may contain
> tokens
> of the form %T which are substituted during connection setup.
> The following tokens are defined: %% is replaced by a literal
> '%', %h is replaced by the home directory of the user being
> authenticated, and %u is replaced by the username of that
> user.
> After expansion, AuthorizedKeysFile is taken to be an absolute
> path or one relative to the user's home directory. The
> default
> is ``.ssh/authorized_keys''.
>
> Maybe you can try to use "%h/.ssh/authorized_keys" or, if it applies,
> "/usr/home/%u/.ssh/authorized_keys" to check if this is a path problem?
>
Neither idea works and I don't think we are using the same version of sshd
(your must be from ports or something mine is from base)... because the
same section of the man page reads nothing like what you posted:
AuthorizedKeysFile
Specifies the file that contains the public keys used for user
authentication. The format is described in the AUTHORIZED_KEYS
FILE FORMAT section of sshd(8). Arguments to
AuthorizedKeysFile
accept the tokens described in the TOKENS section. After
expansion, AuthorizedKeysFile is taken to be an absolute path
or
one relative to the user's home directory. Multiple files may
be
listed, separated by whitespace. Alternately this option may
be
set to none to skip checking for user keys in files. The
default
is ".ssh/authorized_keys .ssh/authorized_keys2".
>
>
>
> --
> Polytropon
> Magdeburg, Germany
> Happy FreeBSD user since 4.0
> Andra moi ennepe, Mousa, ...
>
--
Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org
More information about the freebsd-questions
mailing list