Re: sending authorized_keys to localhost from an account being created with adduser --disabled-password [was] Re: Need a tutorial
Hi Greg and Tomás (one mail for all to limit the load of this thread on
the list) :-)
Greg Wooledge:
> On Fri, Sep 23, 2016 at 12:31:00PM +0000, Stephan Beck wrote:
[...]
> As user root:
>
> stephan@hostname:~$ sudo mkdir -p ~test/.ssh
> stephan@hostname:~$ sudo sh -c 'cat ~stephan/.ssh/id_rsa.pub >> ~test/.ssh/authorized_keys'
> stephan@hostname:~$ sudo chown test ~test/.ssh ~test/.ssh/authorized_keys
> stephan@hostname:~$ sudo chmod 700 ~test/.ssh
> stephan@hostname:~$ sudo chmod 600 ~test/.ssh/authorized_keys
I only had to perform command #2, and I ran it from a root shell.
I did the connection test, and it worked fine, but only after
an ssh restart.
Without it, the output was "Permission denied (publickey)"
Command #1 wasn't necessary as ~/test/.ssh had automatically been
created when running ssh-keygen. The permission had already been changed
to its secure values. At least, I came across dash's manpage while
trying to understand what the command actually does! Thanks a lot.
> tomas@tuxteam.de:
> You cannot log into test without superpowers, but you have to modify its
> ~/.ssh/authorized_keys. That means you *need* superpowers. For example
>
> sudo -s # or similar
> cat ~steph/.ssh/id_rsa.pub >> ~/test/.ssh/authorized_keys
> chown test:test ~/test/.ssh/authorized_keys
> exit
Ran command #2 from a root shell, did the connection test and it worked,
without having to restart ssh.
By the way, when I logged in via ssh (to *test*) now I was greeted by
"Last login [time of my connection attempt]from localhost". So, I
understand that I had logged into *test* via su - test and then had
connected to *test* (from *test*) via localhost using ssh! Is this
interpretation correct?
Thanks to both of you again.
Stephan
Reply to: