Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ssh-keys]

an authorization mechanism for SSH involving public-key cryptography.

SSH keys are an authorization mechanism for SSH involving public-key cryptography. It consists of

  • A private/public key pair generated by a utility like ssh-keygen.
  • A configured (in /etc/ssh/sshd_config) SSH daemon that allows public key authentication.
  • A configured user account that has the public key copied to ~/.ssh/authorized_keys.
792 questions
6
votes
2 answers

How to limit access to the private ssh key using SELinux policies?

I'm using Fedora distro - with its preinstalled SELinux policies. I want to limit unsecured access to my private keys in ~/.ssh folder - to prevent leaking by possible malware, that may run under my account. Root-kits are out of question. Update…
abyss.7
  • 171
  • 5
6
votes
1 answer

How to blacklist SSH public keys in OpenSSH?

How can I configure OpenSSH (5.9) to reject a given set of public keys? I know I can remove the keys from each respective .ssh/authorized_keys file, but I would like to do it on a server-wide basis. Imagine a scenario where a private key got…
0xC0000022L
  • 1,516
  • 2
  • 22
  • 42
6
votes
1 answer

identifying ssh trusts between multiple servers on a network

The problem: We have many dev/qa/prod RH/Solaris servers with many accounts having ssh trust between them, including between servers in different environments (prod->prod, but also qa->prod). I know this is a bad practice, and the first step I'm…
Alex
  • 161
  • 4
6
votes
7 answers

SSH server won't recognize authorized_keys

I've been trying to set up Git over SSH and have followed the guides I've seen to the letter. I use ssh-keygen to create a key set, log into the remote host and append the public key to .ssh/authorized_users using cat id_rsa.pub >>…
Mike Thomsen
  • 191
  • 1
  • 1
  • 8
6
votes
4 answers

Adding ssh key results in "Connection closed by "

im trying to add to a ssh server of mine ssh key pairs so i can log in password-less. When i add my public key to my server by creating a .svn and authorized_keys, when i remove it i can log in again (with a password prompt). Not sure what else to…
Doz
  • 205
  • 1
  • 3
  • 6
6
votes
1 answer

ForwardAgent in Jenkins

I'm trying to enable ForwardAgent in the "Publish over SSH" Jenkins Plugin. This would allow jenkins to execute deployments, rsyncs and svn+ssh checkouts on remote servers. But there's no option for this in the GUI. ForwardAgent is set to yes in…
r_2
  • 335
  • 3
  • 9
6
votes
4 answers

Why VPN when I can just use SSH keys?

A friend of mine installed VPN on our LAMP development server. Previously, we just used SSH and sometimes SSH public keys to avoid password prompts. My question is, what is the advantage of using VPN over just using SSH public keys? What new…
John
  • 7,343
  • 23
  • 63
  • 87
6
votes
1 answer

Determine when someone last logged in to a server from a key

I'm trying to track the last time a user logged into a Linux server with a certain key. So user secure has 5 keys in ~/.ssh/authorized_keys, how can I track when each key was used and what IP was used to access the server? Ideally I would be able to…
Marco Ceppi
  • 457
  • 3
  • 19
6
votes
3 answers

SSH Key authentication

I can't setup SSH key authentication to login without entering a password, and just using the private key. Here is the sshd_config file of my VPS. # What ports, IPs and protocols we listen for Port 8707 # Use these options to restrict which…
Ashfame
  • 227
  • 3
  • 13
6
votes
2 answers

Logging in from different computers using SSH keys

Forgive the noob-ness of my question, but I'm taking baby steps. I've read about why it is important to use SSH keys for logging into my server. However it seems to me that this is most useful if you only login to the server from one computer. What…
blogjunkie
  • 411
  • 1
  • 3
  • 6
6
votes
2 answers

Ubuntu MySQL GUI logins with certificate/key

I will connect to MySQL on ubuntu cloud server everyday with Mysql Administrator and Mysql Query Browser GUI tools and I feel very slow in responding. I know it is possible to connect with ssh entering the below command in the terminal and then…
user53864
  • 1,723
  • 11
  • 37
  • 66
6
votes
9 answers

ssh many users to one home

I want to allow some trusted users to scp files into my server (to an specific user), but I do not want to give these users a home, neither ssh login. I'm having problems to understand the correct settings of users/groups I have to create to allow…
filippo
  • 219
  • 3
  • 9
6
votes
3 answers

SSH No Matching Host Key Type Found

I have two servers, S1: My machine, Windows 8, OpenSSH 8.8p1, OpenSSL 1.1.11 2021-08-24, S2: A Remote Server, Linux, Open SSH 5.3p1, OpenSSL 1.0.1e-fips 2013-02-11. The message I have trying to investigate how to solve is Unable to negotiate with…
Brethlosze
  • 165
  • 1
  • 1
  • 7
5
votes
1 answer

How can I confirm SSH fingerprint when connecting to a new Amazon EC2 instance using PuTTY?

When I create a new EC2 instance running Ubuntu 18.04, using a new EC2-generated keypair, I convert the resulting .pem to .ppk using puttygen, then try to connect to the instance using PuTTY, and I am shown the expected prompt to confirm the SSH…
Max Barraclough
  • 153
  • 1
  • 4
5
votes
1 answer

ssh-copy-id doesn't work with .pem files

I am trying to copy an SSH public key on several EC2 instances. Reading the ssh-copy-id man page, when you pass the key file, the program adds .pub extension if it missing. AWS keys are generated are .pem format, and I can use this…
fromthestone
  • 347
  • 4
  • 17
1 2 3
52 53