Here is the desired action/event.
I want to set up a new CentOS box as follows...
To log into the shell, require that a standalone non-account user SSH2 into the box and su -. Direct root login is not allowed, and password authentication is not allowed. Must use public key. I want the standalone user to be able to FTP as well.
I have been able to add the user and set a password.
The user is able to FTP.
The user can SSH into the box (on the alternate port) using password authentication when I have the Password Authentication Tweak set to Enable Password Auth.
HOWEVER, I cannot get public key configured correctly.
So far I have done these steps.
I tried the steps outlined at:
forums.cpanel.net - "Tutorial - Interested in increasing the security of your server? Read this. (sshd hardening)"
The machine I want to SSH from is my local Windows box.
I have tried using the ssh-keygen command on my server to generate the keypair.
I have also tried using the Create Identity File utility within SecureCRT to do so.
Created the /home/useradd/.ssh folder and touched an authorized_keys file in that folder.
Set the permissions to 700 for the folder and 600 for the file.
Copied the contents of the .pub file created each time to the authorized_keys file.
Attempt to SSH2 to the box via public keys fails in all instances.
** I actually have this set up with an old 'useradd' account. I can put the authorized_keys file from that user's home/.ssh folder into the new 'useradd' home/.ssh folder and SSH2 in with public key using the passphrase from the old useradd. I just don't know what I did to set that one up that I am missing now so that I can get this configured on a new box.
If all of that made any sense, please tell me what it is that I am leaving out!
Thanks
PS please excuse the numerous typos and/or transpositions, I am legally blind!
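The checks behind the steps listed in the post, as an added example that is not part of the original post: a shell function that audits a `.ssh` directory for the ownership and write-permission conditions OpenSSH's `StrictModes` enforces, and for `authorized_keys` entries that are not in OpenSSH's one-line format (for instance an RFC 4716 "SSH2" export from a client-side key generator). The function name `check_key_setup` and its output labels are made up for this example, and it assumes GNU `stat`.

```sh
#!/bin/sh
# Added example. check_key_setup SSH_DIR [UID] prints one finding per line and
# returns non-zero when something would stop sshd from accepting the key.
# Assumes GNU stat (as shipped with CentOS). Variables are global (POSIX sh).
check_key_setup() {
    dir=$1
    uid=${2:-$(id -u)}
    keys="$dir/authorized_keys"
    rc=0
    [ -d "$dir" ] || { echo "MISSING $dir"; return 2; }
    [ -f "$keys" ] || { echo "MISSING $keys"; return 2; }
    # StrictModes (sshd default): the home directory, .ssh and the key file
    # must belong to the user or root and not be writable by group or others.
    for p in "$(dirname "$dir")" "$dir" "$keys"; do
        case $(stat -c %u "$p") in
            "$uid"|0) ;;
            *) echo "OWNER $p"; rc=1 ;;
        esac
        case $(stat -c %a "$p") in
            *[2367]?|*[2367]) echo "WRITABLE $p"; rc=1 ;;
        esac
    done
    # Each entry must be a single line: [options] keytype base64 [comment]
    n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        case $line in
            ''|'#'*) ;;
            '---- BEGIN SSH2 PUBLIC KEY ----'*)
                echo "FORMAT line $n: RFC 4716 export, convert with ssh-keygen -i -f"
                rc=1; break ;;
            *'PRIVATE KEY'*)
                echo "FORMAT line $n: private key pasted instead of the .pub"
                rc=1; break ;;
            ssh-*\ *|ecdsa-*\ *|sk-*\ *|*\ ssh-*\ *|*\ ecdsa-*\ *) ;;
            *) echo "FORMAT line $n: not a one-line OpenSSH public key"; rc=1 ;;
        esac
    done < "$keys"
    if [ "$rc" -eq 0 ]; then echo "OK $keys"; fi
    return "$rc"
}
```

Run it as the login user, or as root with the user's numeric uid as the second argument, for example `check_key_setup /home/useradd/.ssh "$(id -u useradd)"`.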