SSH authentication using keys under encryption of the home directory

    The SSH authorization configuration option using keys is known to everyone: the public key is written to ~ / .ssh / authorized_keys . If encryption of the home folder is used, the system will not be able to read this file. Therefore, you must place this data outside the encrypted home folder.

    I suggest placing the authorized_keys file in the /etc/{usernameername/.ssh directory . In this case , add the appropriate line to / etc / ssh / sshd_config :
    AuthorizedKeysFile /etc/%u/.ssh/authorized_keys
    Paranoid rights should also be added : The last recommendation varies depending on the accepted system management techniques.
    # chown -R {username}:{username} /etc/{username}
    # chmod 1700 /etc/{username}
    # chmod 0100 /etc/{username}/.ssh
    # chmod 0600 /etc/{username}/.ssh/authorized_keys


    Also popular now: