DaemonForums  

Go Back   DaemonForums > FreeBSD > FreeBSD Security

FreeBSD Security Securing FreeBSD.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 4th August 2009
carpman carpman is offline
Shell Scout
 
Join Date: Jul 2008
Posts: 94
Default ssh key access non root users

Hello, i have ssh key login working for root but want to allow it for couple of other users, thing is i seem to get it to work?

I using gentoo linux to connect from and keychain to load key for session for all connections.

If ssh for root it is fine but if try from other user i still get asked for password for normal ssh login!

I have same files and keys in user .ssh dir as i do in root so it should work?


any ideas?

cheers
Reply With Quote
  #2   (View Single Post)  
Old 5th August 2009
sphex sphex is offline
New User
 
Join Date: Jun 2009
Posts: 5
Default

Hi!
Did you added your key to you "authorized_keys" file?
give us more details!

__________________
I'm not a Hero, never was and never will be!
Reply With Quote
  #3   (View Single Post)  
Old 6th August 2009
carpman carpman is offline
Shell Scout
 
Join Date: Jul 2008
Posts: 94
Default

Quote:
Originally Posted by sphex View Post
Hi!
Did you added your key to you "authorized_keys" file?
give us more details!

As stated in first post, the ssh setup in users is same as it for root, that means the .ssh dir and and all files are same in accounts that do and do not work.

So yes keys are in authorized_keys file.

What details do you need?

many thanks
Reply With Quote
  #4   (View Single Post)  
Old 6th August 2009
sphex sphex is offline
New User
 
Join Date: Jun 2009
Posts: 5
Default

hummm!
maybe it's a right problem!no error messages??
__________________
I'm not a Hero, never was and never will be!
Reply With Quote
  #5   (View Single Post)  
Old 7th August 2009
anomie's Avatar
anomie anomie is offline
Local
 
Join Date: Apr 2008
Location: Texas
Posts: 445
Default

@carpman: You posted this in a FreeBSD forum. (There is a GNU/Linux catch-all forum for Gentoo...)

Check the permissions on your user's home directory, his .ssh subdirectory, and on .ssh/authorized_keys.

When running sshd with StrictModes on, the user's home directory should not be group or world writable. The .ssh subdirectory and .ssh/authorized_keys should not be group or world readable.
__________________
Kill your t.v.
Reply With Quote
  #6   (View Single Post)  
Old 9th August 2009
carpman carpman is offline
Shell Scout
 
Join Date: Jul 2008
Posts: 94
Default

Ok worked it out, the server is running hsphere so users i want to have ssh access have their account homes in

Code:
/hsphere/local/home/
I take i would need to edit the sshd_config and add new path using

Code:
AuthorizedKeysFile

Thing is can set this to multiple path, in other words still have default path and hsphere path?

cheers
Reply With Quote
  #7   (View Single Post)  
Old 11th August 2009
sphex sphex is offline
New User
 
Join Date: Jun 2009
Posts: 5
Default

hsphere?! so have a look at this!
psoft.net/HSdocumentation/admin/allowing_shell_access.html
__________________
I'm not a Hero, never was and never will be!
Reply With Quote
  #8   (View Single Post)  
Old 12th August 2009
carpman carpman is offline
Shell Scout
 
Join Date: Jul 2008
Posts: 94
Default

Quote:
Originally Posted by sphex View Post
hsphere?! so have a look at this!
psoft.net/HSdocumentation/admin/allowing_shell_access.html
I am by passing this as i am not giving out ssh to user on myself on two accounts, also the issue is not with ssh access but with ssh key login. I can login with password but having issues with ssh key login.

I have set ssh config to 'StrictModes no' as per hsphere docs for key login it still will not do ssh key login?
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Prevent users from using proxy bichumo General software and network 8 20th April 2009 01:00 PM
DMZ for two networks users... maurobottone OpenBSD Security 6 2nd June 2008 02:57 PM
chroot/jailing users Weaseal FreeBSD Security 6 18th May 2008 07:44 AM
TeX for troff users? DrJ Off-Topic 0 2nd May 2008 09:29 PM


All times are GMT. The time now is 10:53 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick