SSH - Authorized Keys file (on Server)

Card Puncher Data Processing

About

In public key authentication, the authorized keys are the public keys used to verify the authentication of the client via the digital signature verification.

In a PKI model, once an SSH server or client receives a public key from a client or server and considers the key trustworthy, the server marks the key as authorized in its authorized_keys file.

The AuthorizedKeysFile keyword specifies the file containing public keys for public key authentication.

Format

The file contains a list of public keys, one per line.

ssh-rsa key key-comment 
ssh-dss key key-comment 

Example

ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBN+Mh3U/3We4VYtV1QmWUFIzFLTUeegl1Ao5/QGtCRGAZn8bxX9KlCrrWISIjSYAwCajIEGSPEZwPNMBoK8XD8Q= ylo@klar

# Comments allowed at start of line
ssh-rsa AAAAB3Nza...LiPk== [email protected] 
from="*.sales.example.net,!pc.sales.example.net" ssh-rsa AAAAB2...19Q== [email protected]
command="dump /home",no-pty,no-port-forwarding ssh-dss AAAAC3...51R== example.net
permitopen="192.0.2.1:80",permitopen="192.0.2.2:25" ssh-dss AAAAB5...21S==
ssh-rsa [email protected]
zos-key-ring-label="KeyRingOwner/SSHAuthKeysRing uniq-ssh-rsa"
from="*.example.com",zos-key-ring-label="KeyRingOwner/SSHAuthKeysRing uniq-ssh-dsa"

  • With configuration and command
no-port-forwarding,no-agent-forwarding,no-X11-forwarding,command="echo 'Please login as the user \"packer\" rather than the user \"root\".';echo;sleep 10" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDAYRwgsk6fxOJYR6plf3Vcwu...
no-port-forwarding,no-agent-forwarding,no-X11-forwarding,command="echo 'Please login as the user \"packer\" rather than the user \"root\".';echo;sleep 10" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSQvCliGGSQkywgvFQjbhARqo0ZA....
no-port-forwarding,no-agent-forwarding,no-X11-forwarding,command="echo 'Please login as the user \"hdsshadm\" rather than the user \"root\".';echo;sleep 10" ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEA3NcgK9ScckgtWOlKD5MMIMBEpsEk3wDur4SUHlyg7Jb9PWPidU6gqT...

Management

Location

Default

If none is specified, the default is in the user's home directory:

  • ~/.ssh/authorized_keys
  • and ~/.ssh.authorized_keys2.

This means that each user can add permanent credentials for themselves and/of for friends … :)

Conf

In the ssh server conf file, you can set it to a root place

Example:

AuthorizedKeysFile /etc/ssh/authorized-keys/%u

Documentation / Reference





Discover More
Cryptography - Key

A key is a parameter used in a cipher algorithm that determines: the encryption operation (forward) and the decryption operation (backward). It's the only secret parameter that protect the anonymity...
Public Key Crypto Pair Key Creation
Public Key

A public key is a key used in the public cryptographic system. The public key is often saved in a cer format. The Key_distributionpublic key distribution can be done: through public key servers....
Public Key Crypto Pair Key Creation
Public Key Authentication

Public key authentication is a asymmetric authentication method where the public keys are used as authentication credential for: automated processes implementing for instance single sign-on The...
Card Puncher Data Processing
SSH - OpenSSH Server (sshd)

OpenSSH Server is a ssh server See this page for the default value They may be overwritten, sometimes during the startup with the following file The...
Public Key Crypto Pair Key Creation
What is Sender authentication ? (Public Key Authentication based, Certificate-based in Cryptography)

Sender Authentication is based on the digital signature. If you can decrypt the signature successfully, it proves that the message come from: a particular sender or group There is three type of...



Share this page:
Follow us:
Task Runner