ssh/check-user-ssh.sh - check for additional authorized_keys when encrypted home directory #51
Labels
enhancement
Increase or improve in quality, performance, business value, function, or user satisfaction.
needs investigation
What? How?
ssh supports additional locations for authorized_keys file in /etc/ssh/sshd_config (AuthorizedKeysFile). Use case:
If you have an encrypted home directory, SSH cannot access your authorized_keys file because it is inside your encrypted home directory and won't be available until after you are authenticated. Therefore, SSH will default to password authentication.
To solve this, create a folder outside your home named /etc/ssh/ (replace "" with your actual username). This directory should have 755 permissions and be owned by the user. Move the authorized_keys file into it. The authorized_keys file should have 644 permissions and be owned by the user.
Then edit your /etc/ssh/sshd_config and add:
AuthorizedKeysFile /etc/ssh/%u/authorized_keys
Need to add check for other authorized_keys file location in /etc/ssh/sshd_config file
The text was updated successfully, but these errors were encountered: