Enable SSH [email protected] with Public Key Authentication

Oct 24, 2011


Here is a post by Leho Kraav on his website to Enable ssh [email protected] with public key authentication:

With aegis watching over us like a true eye in the sky, getting N950 to let you ssh in as unprivileged user with public key authentication took a bit of effort. Sure, you couldssh [email protected] and then su – user, but doesn’t the sane world do it the other way around?

Anyway, get your authorized_keys file on the device as root with sftp, or manually typing it. No, just sftp it, dude. Now aegis won’t let root see ~user/.ssh and also won’t let user see /root/.ssh contents.

# cp /root/.ssh/authorized_keys /tmp
# chmod 644 /tmp/authorized_keys
# su - user
$ cp /tmp/authorized_keys .ssh
$ exit

At this point ssh [email protected] still shouldn’t be letting you in, because apparently the account is locked by default. syslogd doesn’t by default log sshd stuff, so if you want to see this for yourself do this as root:

# echo "auth.* -/var/log/secure.log" >> /etc/syslog.conf
# stop syslogd
# start syslogd
# tail -f /var/log/syslog /var/log/secure.log

Now try ssh [email protected], this is what you should see:

==> secure.log <==
Jul 25 01:09:11 RM680 sshd[2838]: User user not allowed because account is locked
Jul 25 01:09:11 RM680 sshd[2838]: Failed none for invalid user user from port 354
83 ssh2

Solution is to unlock the account.

EDIT Originally I thought usermod -U user would do the trick. It turns out it doesn't work out so well. aegis-loader (and possibly other parts) started puking when doingdpkg -i etc.

/home/developer $ dpkg -i conboy_0_0_1_armel.deb
aegis-loader: Failed parsing '/etc/passwd

After a bunch of folks on #harmattan helped me get to the bottom of this, mgedim pointed out passwd seemed to work for him:

# passwd -u user

I have no idea what usermod and passwd are doing different aegis-wise. Hints welcome!


Source leho kraav


About us

IoT Gadgets is dedicated to bring you all the Internet of Things IoT news that pertains to gadgets. Simple. We love for you to join us on this journey.

Contact us: [email protected]


linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram