What are the SSH Authorized Keys file? (on Server)

Host Key Not Cached Putty

About

In public key authentication, the authorized keys are the public keys used to verify the authentication of the client via the digital signature verification.

In a PKI model, once an SSH server or client receives a public key from a client or server and considers the key trustworthy, the server marks the key as authorized in its authorized_keys file.

The AuthorizedKeysFile keyword specifies the file containing public keys for public key authentication.

Format

The file contains a list of public keys, one per line.

Example for rsa and dss

ssh-rsa key key-comment 
ssh-dss key key-comment 

Example

ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBN+Mh3U/3We4VYtV1QmWUFIzFLTUeegl1Ao5/QGtCRGAZn8bxX9KlCrrWISIjSYAwCajIEGSPEZwPNMBoK8XD8Q= ylo@klar

# Comments allowed at start of line
ssh-rsa AAAAB3Nza...LiPk== [email protected] 
from="*.sales.example.net,!pc.sales.example.net" ssh-rsa AAAAB2...19Q== [email protected]
command="dump /home",no-pty,no-port-forwarding ssh-dss AAAAC3...51R== example.net
permitopen="192.0.2.1:80",permitopen="192.0.2.2:25" ssh-dss AAAAB5...21S==
ssh-rsa [email protected]
zos-key-ring-label="KeyRingOwner/SSHAuthKeysRing uniq-ssh-rsa"
from="*.example.com",zos-key-ring-label="KeyRingOwner/SSHAuthKeysRing uniq-ssh-dsa"

  • With configuration and command
no-port-forwarding,no-agent-forwarding,no-X11-forwarding,command="echo 'Please login as the user \"packer\" rather than the user \"root\".';echo;sleep 10" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDAYRwgsk6fxOJYR6plf3Vcwu...
no-port-forwarding,no-agent-forwarding,no-X11-forwarding,command="echo 'Please login as the user \"packer\" rather than the user \"root\".';echo;sleep 10" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSQvCliGGSQkywgvFQjbhARqo0ZA....
no-port-forwarding,no-agent-forwarding,no-X11-forwarding,command="echo 'Please login as the user \"hdsshadm\" rather than the user \"root\".';echo;sleep 10" ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEA3NcgK9ScckgtWOlKD5MMIMBEpsEk3wDur4SUHlyg7Jb9PWPidU6gqT...

Management

Location

Default

If none is specified, the default is in the user's home directory:

  • ~/.ssh/authorized_keys
  • and ~/.ssh.authorized_keys2.

This means that each user can add permanent credentials for themselves and/of for friends … :)

Conf

In the ssh server conf file, you can set it to a root place

Example:

AuthorizedKeysFile /etc/ssh/authorized-keys/%u

Documentation / Reference





Discover More
Cryptography - Key

A key is a parameter used in a cipher algorithm that determines: the encryption operation (forward) and the decryption operation (backward). It's the only secret parameter that protect the anonymity...
Public Key Crypto Pair Key Creation
Public Key

A public key is a key used in the public cryptographic system. The public key is often saved in a cer format. The Key_distributionpublic key distribution can be done: through public key servers....
Public Key Crypto Pair Key Creation
Public Key Authentication

Public key authentication is a asymmetric authentication method where the public keys are used as authentication credential for: automated processes implementing for instance single sign-on The...
Host Key Not Cached Putty
SSH - How to made an Ssh connection in a shell (for instance from Cygwin, CygwinX) ?

How to made an SSH connection to a Linux Operating system with a shell from a term, xterm of Cygwin, CygwinX ? Install the ssh component of Cygwin start the console and use this syntax: open-ssh...
Public Key Crypto Pair Key Creation
What is Sender authentication ? (Public Key Authentication based, Certificate-based in Cryptography)

Sender Authentication is based on the digital signature. If you can decrypt the signature successfully, it proves that the message come from: a particular sender or group There is three type of...
Host Key Not Cached Putty
What is sshd, the OpenSSH Server?

OpenSSH Server (or sshd) is the ssh server of OpenSSH This is mostly the one that will run on any Linux server so that you can connect remotely on port 22 with Putty or any SSH client See this...



Share this page:
Follow us:
Task Runner