Possible to have multiple SSH accounts & clients using the same RSA key on server??
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: (X/K)Ubuntu for desktop/laptop, DSL for old machines, Debian for Servers.
Posts: 36
Rep:
Possible to have multiple SSH accounts & clients using the same RSA key on server??
I have a server with approximately 310 user accounts. Each account ties to a respective workstation. I would like to have each user on each workstation be able to ssh in to the server using the same RSA key. That way I only have to copy a single key file to each home directory on the server, and a single key file to each workstation.
As far as I understand, The key file in each user account on the server must contain the username and hostname from which they are loggin in. If there is an option I can configure so that it does not matter what the user name, or host name is, as long as the key in the file matches, that is what I need to know.
The project does not allow time for the individual configuration of RSA keys on each workstation and user account.
If anyone has experience with this, please let me know.
Keys do not need to have a username associated with them,
although it's not uncommon for keys to include optional
info, such as usernames, just to make it easy to remember
which key is which.
All you need to do is create a key for one test user
and make it work on the server. Typically this means
copying the public key into the user's .ssh/authorized_keys
file. Next copy the public key into another user's file,
copy the private key from the test user to another user's
computer and verify that it works.
One word of warning! Be aware that this setup will
allow any user with the shared key to log in as any
other user with the same key. In that sense, it's
a really bad idea. It would be better to create one
Linux account and have everyone share it than to have
many individual accounts without any certainty about
who is actually using a particular account.
Distribution: (X/K)Ubuntu for desktop/laptop, DSL for old machines, Debian for Servers.
Posts: 36
Original Poster
Rep:
Thanks very much for the clarification. I had wrongly assumed that since the user and hostname was added to the key file upon creation, that it was mandatory info. This makes things much easier.
Also, thanks for the warning and suggestion regarding users being able to login in as other users. I'll keep that in mind.
Thankfully, in this particular setup, each client workstation has a scripted login and the workstation is highly locked down. So much that the user cannot run anything but a preset choice of 3 shell scripts, and a web browser.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.