SSH Public Key for user without home directory

戏子无情 提交于 2019-12-02 00:34:23

问题


I'm running a Mac OS X Leopard Server and I created a new user without designating a home directory for that user. Is it possible to have that user authenticate using a Public Key?

I know that when a user does have a home directory it goes in to ~/.ssh/authorized_keys

I don't want to create a home directory for this user because my understanding is it would then allow them to login if given physical access.

UPDATE: I need to allow this user to do a Secure FTP connection only. Setting the Login Shell to /bin/false/ will prevent them from connecting remotely as well.


回答1:


You have to edit /etc/ssh/sshd_config or where it is located on your machine and change the AuthorizedKeysFile setting.

The docs say:

 AuthorizedKeysFile
         Specifies the file that contains the public keys that can be used
         for user authentication.  AuthorizedKeysFile may contain tokens of
         the form %T which are substituted during connection setup.  The fol-
         lowing tokens are defined: %% is replaced by a literal '%', %h is
         replaced by the home directory of the user being authenticated, and
         %u is replaced by the username of that user.  After expansion,
         AuthorizedKeysFile is taken to be an absolute path or one relative
         to the user's home directory.  The default is
         ``.ssh/authorized_keys''.

But why do you have users (that can login) without a home?



来源:https://stackoverflow.com/questions/663397/ssh-public-key-for-user-without-home-directory

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!