LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page [SOLVED] SSH Public Key Based Authentication
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-30-2013, 04:10 PM   #1
LinuxDunce
LQ Newbie
 
Registered: Aug 2013
Posts: 4

Rep: Reputation: 0
SSH Public Key Based Authentication

hello lq

I want to do SSH Public Key Based Authentication

There's no mention of modifying the /etc/ssh/sshd_config file in the article or don't no if it is necessary to do so.

If I want the ssh server to accept only key based authentication and no passwords, what lines in the sshd_config file should I comment out or in.

Thanks
Last edited by LinuxDunce; 08-30-2013 at 04:12 PM.
 
Old 08-30-2013, 05:06 PM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985
Note this is really nothing to do with keys at all, just "not passwords". so you'd just set PasswordAuthentication to "no" as per the manpage for sshd_config
 
Old 08-30-2013, 05:28 PM   #3
LinuxDunce
LQ Newbie
 
Registered: Aug 2013
Posts: 4

Original Poster
Rep: Reputation: 0
OK, acid_kewpie, I'll give it a go.
 
Old 08-30-2013, 05:38 PM   #4
Janus_Hyperion
Member
 
Registered: Mar 2011
Location: /
Distribution: Fedora (typically latest release or development release)
Posts: 372

Rep: Reputation: Disabled
I think you should change passwords to no and this -
Code:
 PubKeyAuthentication yes
If this incorrect, someone please correct me!
 
Old 08-30-2013, 06:30 PM   #5
LinuxDunce
LQ Newbie
 
Registered: Aug 2013
Posts: 4

Original Poster
Rep: Reputation: 0
I followed the suggestions from both of you and it worked.

user1 with the public key was granted access. ( no password was asked )

And user2, who doesn't have a public key was presented with this error

Permission denied (publickey,keyboard-interactive). And couldn't log on the system.

+1 to both of you
Last edited by LinuxDunce; 08-30-2013 at 06:32 PM.
 
Old 08-30-2013, 07:10 PM   #6
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,659
Blog Entries: 4

Rep: Reputation: 3940Reputation: 3940Reputation: 3940Reputation: 3940Reputation: 3940Reputation: 3940Reputation: 3940Reputation: 3940Reputation: 3940Reputation: 3940Reputation: 3940
Check your settings one more time ... "keyboard-interactive" ought not be in that message.

As noted elsewhere, "ssh" has a very annoying "fee-chur" in that it will accept any authentication-method that it's been told to accept. "What? You don't have the super-duper security identity badge thingy? Cool! What's the magic word?" Furthermore, it will happily tell the presumed-intruder what his choices are! It should be set to accept only one thing: public keys.
 
Old 08-30-2013, 08:51 PM   #7
LinuxDunce
LQ Newbie
 
Registered: Aug 2013
Posts: 4

Original Poster
Rep: Reputation: 0
Hi sundialsvcs, thanks for informing me about the issue.

I did a google search on keyboard interactive

In the article it mentioned a challenged response. There was no challenge respond nor a prompt for user2. User2 does have a password of course. BTW, user1 and user2 are my test accounts to test public key authentication.

I'm no expert on ssh server authentication. I just follow what I read online. I don't want to modify the sshd_config file to much and mess things up. Right now it is doing what I want. Hopefully
Last edited by LinuxDunce; 08-30-2013 at 09:10 PM.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh public key authentication teacup Linux - Networking 4 11-27-2011 11:27 PM
SSH skips public key authentication for a key, but works with another key simopal6 Linux - General 1 07-06-2011 08:33 AM
SSH public key authentication Jeroen1000 Linux - Security 12 09-07-2009 04:14 AM
Public Key Authentication with SSH edafe Ubuntu 1 08-26-2006 11:06 AM
Can't use public key authentication with SSH Noob69 Linux - General 5 01-06-2006 06:27 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 01:37 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration