Sshd Allow root to Authenticate with Passwordless Public Key: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
| Line 5: | Line 5: | ||
=Overview= | =Overview= | ||
'root' is allowed to authenticate against the sshd server with a passwordless public key if its "authorized_keys" is set up as described here | 'root' is allowed to authenticate against the sshd server with a passwordless public key if its "authorized_keys" is set up [[Ssh_Configure_Public/Private_Key_Authentication#Install_the_Public_Key_on_All_Machines_to_Log_in_Into|as described here]] and the server is configured with ...., ''unless [[Selinux|SELinux]] is being enforced on the host''. | ||
If [[Selinux|SELinux]] is being enforced, an attempt to authenticate using a passwordless public key generates the following entry in the sshd server log (in debug mode): | If [[Selinux|SELinux]] is being enforced, an attempt to authenticate using a passwordless public key generates the following entry in the sshd server log (in debug mode): | ||
Revision as of 21:33, 2 July 2017
Internal
Overview
'root' is allowed to authenticate against the sshd server with a passwordless public key if its "authorized_keys" is set up as described here and the server is configured with ...., unless SELinux is being enforced on the host.
If SELinux is being enforced, an attempt to authenticate using a passwordless public key generates the following entry in the sshd server log (in debug mode):
Could not open authorized keys '/root/.ssh/authorized_keys': Permission denied
Turning the SELinux to permissive mode will allow the root to log in, but disabling SELinux is usually this is not a good idea.