[scponly] ssh key auth. using the same chroot env., possible?
Whit Blauvelt
whit at transpect.com
Mon Jun 25 22:05:39 EDT 2007
Your first method does work, Paul. So that's good enough. What won't work
for me is putting authorized_keys in the home directory (whether defined as
before or after the // - in an .ssh subdir of course). Is the second way
actually working for anybody? I'd be curious to know the trick if so to
complete a page on the wiki.
Whit
> On Wed, Nov 29, 2006 at 10:21:17PM -0700, Paul Hyder wrote:
> > Relocating ssh keys is easy.
> > -update the sshd_config AuthorizedKeysFile variable to match the new,
> > root owned location (no longer in ~/.ssh/authorized_keys)
> > We use /home/admin/.ssh/%u/authorized_keys2 and a single jail.
> > -understand that the ssh key handling occurs BEFORE scponly, the keys
> > should be located above the chroot point if you don't want the users
> > to maintain them. (otherwise the sshd can look in the user's chroot
> > incoming .ssh directory)
> >
> > Paul Hyder
> > NOAA Earth System Research Laboratory, Global Systems Division
> > Boulder, CO
More information about the scponly
mailing list