Date: Sat, 14 Sep 2019 14:36:35 +0200 From: Polytropon <freebsd@edvax.de> To: Aryeh Friedman <aryeh.friedman@gmail.com> Cc: FreeBSD Mailing List <freebsd-questions@freebsd.org> Subject: Re: OT: My ssh authorized_keys doesn't work with nfs/nis Message-ID: <20190914143635.95f83f06.freebsd@edvax.de> In-Reply-To: <CAGBxaXmt1bH78sbGJzbLoAvzSN9mRfbWW89AFjQpuiXG9DVrCA@mail.gmail.com> References: <CAGBxaXkVQNE6deyWs9JXh9vqmKz8tLc9HfqC8ZmBLrK2jv7p3A@mail.gmail.com> <0b5eed49-986a-d40e-7df9-971a47cb500e@FreeBSD.org> <CAGBxaXmyX-YT4=1aH5dCRT4sj0H1ZMxnOnKO4ctVf=vtWqY=5Q@mail.gmail.com> <20190914132059.207eef7e.freebsd@edvax.de> <CAGBxaXmt1bH78sbGJzbLoAvzSN9mRfbWW89AFjQpuiXG9DVrCA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 14 Sep 2019 07:36:26 -0400, Aryeh Friedman wrote: > On Sat, Sep 14, 2019 at 7:21 AM Polytropon <freebsd@edvax.de> wrote: > > > On Sat, 14 Sep 2019 07:09:17 -0400, Aryeh Friedman wrote: > > > I am using the default out of the box /etc/sshd_config for 11 and 12 that > > > has only two uncommented out configs: > > > > > > AuthorizedKeysFile .ssh/authorized_keys > > > Subsystem sftp /usr/libexec/sftp-server > > > > > > So unless I am reading the first one completely wrong then it uses > > > ~user/.ssh/authorized_keys which is what the ls above is of. > > > > From "man 5 sshd_config": > > > > AuthorizedKeysFile > > Specifies the file that contains the public keys that can be > > used > > for user authentication. AuthorizedKeysFile may contain > > tokens > > of the form %T which are substituted during connection setup. > > The following tokens are defined: %% is replaced by a literal > > '%', %h is replaced by the home directory of the user being > > authenticated, and %u is replaced by the username of that > > user. > > After expansion, AuthorizedKeysFile is taken to be an absolute > > path or one relative to the user's home directory. The > > default > > is ``.ssh/authorized_keys''. > > > > Maybe you can try to use "%h/.ssh/authorized_keys" or, if it applies, > > "/usr/home/%u/.ssh/authorized_keys" to check if this is a path problem? > > > > Neither idea works and I don't think we are using the same version of sshd > (your must be from ports or something mine is from base)... [...] It is. :-) > [...] because the > same section of the man page reads nothing like what you posted: > > AuthorizedKeysFile > Specifies the file that contains the public keys used for user > authentication. The format is described in the AUTHORIZED_KEYS > FILE FORMAT section of sshd(8). Arguments to > AuthorizedKeysFile > accept the tokens described in the TOKENS section. After > expansion, AuthorizedKeysFile is taken to be an absolute path > or > one relative to the user's home directory. Multiple files may > be > listed, separated by whitespace. Alternately this option may > be > set to none to skip checking for user keys in files. The > default > is ".ssh/authorized_keys .ssh/authorized_keys2". I assume the documentation source listed there will tell you roughly the same. Maybe the keys path wasn't constructed as required? -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20190914143635.95f83f06.freebsd>