OT: My ssh authorized_keys doesn't work with nfs/nis
freebsd at edvax.de
Sat Sep 14 12:36:38 UTC 2019
On Sat, 14 Sep 2019 07:36:26 -0400, Aryeh Friedman wrote:
> On Sat, Sep 14, 2019 at 7:21 AM Polytropon <freebsd at edvax.de> wrote:
> > On Sat, 14 Sep 2019 07:09:17 -0400, Aryeh Friedman wrote:
> > > I am using the default out of the box /etc/sshd_config for 11 and 12 that
> > > has only two uncommented out configs:
> > >
> > > AuthorizedKeysFile .ssh/authorized_keys
> > > Subsystem sftp /usr/libexec/sftp-server
> > >
> > > So unless I am reading the first one completely wrong then it uses
> > > ~user/.ssh/authorized_keys which is what the ls above is of.
> > From "man 5 sshd_config":
> > AuthorizedKeysFile
> > Specifies the file that contains the public keys that can be
> > used
> > for user authentication. AuthorizedKeysFile may contain
> > tokens
> > of the form %T which are substituted during connection setup.
> > The following tokens are defined: %% is replaced by a literal
> > '%', %h is replaced by the home directory of the user being
> > authenticated, and %u is replaced by the username of that
> > user.
> > After expansion, AuthorizedKeysFile is taken to be an absolute
> > path or one relative to the user's home directory. The
> > default
> > is ``.ssh/authorized_keys''.
> > Maybe you can try to use "%h/.ssh/authorized_keys" or, if it applies,
> > "/usr/home/%u/.ssh/authorized_keys" to check if this is a path problem?
> Neither idea works and I don't think we are using the same version of sshd
> (your must be from ports or something mine is from base)... [...]
It is. :-)
> [...] because the
> same section of the man page reads nothing like what you posted:
> Specifies the file that contains the public keys used for user
> authentication. The format is described in the AUTHORIZED_KEYS
> FILE FORMAT section of sshd(8). Arguments to
> accept the tokens described in the TOKENS section. After
> expansion, AuthorizedKeysFile is taken to be an absolute path
> one relative to the user's home directory. Multiple files may
> listed, separated by whitespace. Alternately this option may
> set to none to skip checking for user keys in files. The
> is ".ssh/authorized_keys .ssh/authorized_keys2".
I assume the documentation source listed there will tell you
roughly the same. Maybe the keys path wasn't constructed as
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
More information about the freebsd-questions