LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices



Reply
 
Search this Thread
Old 03-25-2008, 06:22 PM   #1
a2brute
Member
 
Registered: Feb 2005
Location: State of Denial
Distribution: (X/K)Ubuntu for desktop/laptop, DSL for old machines, Debian for Servers.
Posts: 36

Rep: Reputation: 15
Question Possible to have multiple SSH accounts & clients using the same RSA key on server??


I have a server with approximately 310 user accounts. Each account ties to a respective workstation. I would like to have each user on each workstation be able to ssh in to the server using the same RSA key. That way I only have to copy a single key file to each home directory on the server, and a single key file to each workstation.

As far as I understand, The key file in each user account on the server must contain the username and hostname from which they are loggin in. If there is an option I can configure so that it does not matter what the user name, or host name is, as long as the key in the file matches, that is what I need to know.

The project does not allow time for the individual configuration of RSA keys on each workstation and user account.

If anyone has experience with this, please let me know.

Thanks.
 
Old 03-29-2008, 07:36 AM   #2
carltm
Member
 
Registered: Jan 2007
Location: Canton, MI
Distribution: CentOS, SuSE, Red Hat, Debian, etc.
Posts: 700

Rep: Reputation: 96
Keys do not need to have a username associated with them,
although it's not uncommon for keys to include optional
info, such as usernames, just to make it easy to remember
which key is which.

All you need to do is create a key for one test user
and make it work on the server. Typically this means
copying the public key into the user's .ssh/authorized_keys
file. Next copy the public key into another user's file,
copy the private key from the test user to another user's
computer and verify that it works.

One word of warning! Be aware that this setup will
allow any user with the shared key to log in as any
other user with the same key. In that sense, it's
a really bad idea. It would be better to create one
Linux account and have everyone share it than to have
many individual accounts without any certainty about
who is actually using a particular account.
 
Old 03-31-2008, 01:25 PM   #3
a2brute
Member
 
Registered: Feb 2005
Location: State of Denial
Distribution: (X/K)Ubuntu for desktop/laptop, DSL for old machines, Debian for Servers.
Posts: 36

Original Poster
Rep: Reputation: 15
Thumbs up

Thanks very much for the clarification. I had wrongly assumed that since the user and hostname was added to the key file upon creation, that it was mandatory info. This makes things much easier.

Also, thanks for the warning and suggestion regarding users being able to login in as other users. I'll keep that in mind.

Thankfully, in this particular setup, each client workstation has a scripted login and the workstation is highly locked down. So much that the user cannot run anything but a preset choice of 3 shell scripts, and a web browser.

Thanks again.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
failed ssh RSA key authentication jdarren Linux - Networking 15 07-06-2008 11:25 AM
SSH rsa key PB0711 Linux - Security 3 09-10-2006 04:57 PM
SSH RSA key problem taiwf Linux - General 3 05-21-2006 10:33 PM
Create multiple accounts & SSH guptawizard Linux - Newbie 2 01-13-2005 02:27 PM
ssh RSA key thanat0s Linux - Security 3 09-29-2003 10:51 PM


All times are GMT -5. The time now is 06:47 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration