1

I'm experimenting with using NIS for centralizing the user management for a network of approx 20 servers.

I've got an NIS client and server working, and can ssh to the client machine and successfully log in, but only using a password. I'd like to be able to use public key authentication - how might I do this?

Paul Dixon
  • 1,436
  • 3
  • 21
  • 35
  • What does PubkeyAuthentication say in your sshd_config (default being yes)? Home directories being mounted properly? ~/.ssh/authorized_keys? – andol Aug 17 '10 at 10:57
  • public key auth worked on client machine prior to making that machine use NIS. Your second point probably illustrates where I'm going wrong, as I'm not using NFS. I was hoping there was some way the SSH daemon could obtain authorized_keys over NIS? – Paul Dixon Aug 17 '10 at 11:25

3 Answers3

2

Sorry, AFAIK you can't distribute ssh keys over NIS - they live in ~/.ssh/authorized_keys. So NFS-mounted homedirs would do it. Or you could set up replication (presumably of just .ssh directories or others you choose) using something like unison.

pjz
  • 10,497
  • 1
  • 31
  • 40
2

You can do it by mounting /home via NFS and setsebool use_nfs_home_dirs 1

Memming
  • 121
  • 2
  • This really works and is slick solution. Should be the accepted answer because it actually addresses the issue, rather than suggesting something else. – craigdfrench Dec 12 '15 at 01:23
0

I think maybe NIS isn't best suited to my needs, am looking at Puppet as an alternative way of providing centralized user administration.

Paul Dixon
  • 1,436
  • 3
  • 21
  • 35