Monday, August 18, 2014

RHEL7 sshd Ignores authorized_keys2

I found out the hard way that my authorized_keys2 files is ignored in Redhat Enterprise Linux 7.  My ssh client would submit the key file and then prompt me for my password.

The line "#AuthorizedKeysFile .ssh/authorized_keys" from sshd_config was uncommented, which changed the default behavior of reading both authorized_keys and authorized_keys2.

Unfortunately, I don't find any announcement of this change.  And, the sshd man page still reads
"AuthorizedKeysFile specifies the files containing public keys for public key authentication; if none is specified, the default is ~/.ssh/authorized_keys and ~/.ssh/authorized_keys2."

Renaming the authorized_keys2 file to authorized_keys will fix the problem.  Be sure to merge these files if authorized_keys also exists.

I've submitted product feedback to Redhat asking that they announce the change and fix the man page.  FWIW, we've been warned in the past, starting in 2001 with the release of openssh version 3, that this authorized_keys2 is deprecated.  It just seems like an explicit "your stuff will now break" announcement is warranted.
AuthorizedKeysFile specifies the files containing public keys for public key authentication; if none is specified, the default is ~/.ssh/authorized_keys and ~/.ssh/authorized_keys2.
AuthorizedKeysFile specifies the files containing public keys for public key authentication; if none is specified, the default is ~/.ssh/authorized_keys and ~/.ssh/authorized_keys2.
AuthorizedKeysFile specifies the files containing public keys for public key authentication; if none is specified, the default is ~/.ssh/authorized_keys and ~/.ssh/authorized_keys2.
AuthorizedKeysFile specifies the files containing public keys for public key authentication; if none is specified, the default is ~/.ssh/authorized_keys and ~/.ssh/authorized_keys2.












at







































2 comments:








  1. sandeep saxenaFebruary 13, 2019 at 3:36 AM

    i read the above notes and clarify my doubts very well.in this information i observe lot of things about how to study.thanks a lot.
     DevOps certification in Chennai 
     DevOps Training in Chennai 
     DevOps course in Chennai 
     Data Science Training in Chennai 
     AWS training in chennai 
     AWS course in chennai 
    ReplyDelete
  2. saburohaackNovember 7, 2022 at 12:42 AM
    Prosperous Moon™ offers a player-selectable 50% ante wager that activates the Crazy Cash Double  Up function. All games can be tailored to your brand and desires.Furthermore, you have have} access to our back-office system, which offers a wide range|a variety} of choices and statistics. We had a blast 스마일토토 playing in} progressive jackpot slots like A Night With Cleo, Reels And Wheels XL, Shopping Spree, and more.
    ReplyDelete




























        

      









Subscribe to:
Post Comments (Atom)