OT: My ssh authorized_keys doesn't work with nfs/nis
Polytropon
freebsd at edvax.de
Sat Sep 14 12:36:38 UTC 2019
On Sat, 14 Sep 2019 07:36:26 -0400, Aryeh Friedman wrote:
> On Sat, Sep 14, 2019 at 7:21 AM Polytropon <freebsd at edvax.de> wrote:
>
> > On Sat, 14 Sep 2019 07:09:17 -0400, Aryeh Friedman wrote:
> > > I am using the default out of the box /etc/sshd_config for 11 and 12 that
> > > has only two uncommented out configs:
> > >
> > > AuthorizedKeysFile .ssh/authorized_keys
> > > Subsystem sftp /usr/libexec/sftp-server
> > >
> > > So unless I am reading the first one completely wrong then it uses
> > > ~user/.ssh/authorized_keys which is what the ls above is of.
> >
> > From "man 5 sshd_config":
> >
> > AuthorizedKeysFile
> > Specifies the file that contains the public keys that can be
> > used
> > for user authentication. AuthorizedKeysFile may contain
> > tokens
> > of the form %T which are substituted during connection setup.
> > The following tokens are defined: %% is replaced by a literal
> > '%', %h is replaced by the home directory of the user being
> > authenticated, and %u is replaced by the username of that
> > user.
> > After expansion, AuthorizedKeysFile is taken to be an absolute
> > path or one relative to the user's home directory. The
> > default
> > is ``.ssh/authorized_keys''.
> >
> > Maybe you can try to use "%h/.ssh/authorized_keys" or, if it applies,
> > "/usr/home/%u/.ssh/authorized_keys" to check if this is a path problem?
> >
>
> Neither idea works and I don't think we are using the same version of sshd
> (your must be from ports or something mine is from base)... [...]
It is. :-)
> [...] because the
> same section of the man page reads nothing like what you posted:
>
> AuthorizedKeysFile
> Specifies the file that contains the public keys used for user
> authentication. The format is described in the AUTHORIZED_KEYS
> FILE FORMAT section of sshd(8). Arguments to
> AuthorizedKeysFile
> accept the tokens described in the TOKENS section. After
> expansion, AuthorizedKeysFile is taken to be an absolute path
> or
> one relative to the user's home directory. Multiple files may
> be
> listed, separated by whitespace. Alternately this option may
> be
> set to none to skip checking for user keys in files. The
> default
> is ".ssh/authorized_keys .ssh/authorized_keys2".
I assume the documentation source listed there will tell you
roughly the same. Maybe the keys path wasn't constructed as
required?
--
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
More information about the freebsd-questions
mailing list