1
I'm trying to configure my SSH server to require users to have an RSA key. To do this I have the settings in sshd_config
set to
RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile %h/.ssh/authorized_keys
and
# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no
# Change to no to disable tunnelled clear text passwords
PasswordAuthentication no
and
UsePAM no
Then I do sudo /etc/init.d/ssh restart
to restart the server.
This seems to work to some degree, because I included my macs rsa_key
and it lets me log in without asking for a password. However when I try to ssh
in through a computer that I haven't included the key of, it just prompts me for my password, and then when entered, lets me in.
What am I doing wrong?
Also I've heard that one should do sudo /etc/init.d/sshd restart
(sshd) instead of sudo /etc/init.d/ssh restart
but I have no such file.
When you're not sure what your server is doing, increase its log level (temporarily):
LogLevel DEBUG
insshd_config
will cause it to log just about everything (to the point of being privacy-invasive). Logs will turn up in/var/log/secure
or/var/log/auth.log
or/var/log/daemon
or similar. – Gabe – 2013-12-02T08:38:03.823