堆栈内存溢出
  简体   繁体   English

如何在 Linux 中添加具有不同 SSH 密钥的用户?

[英]How can I add users with different SSH keys in Linux?

 原文  2022-09-17 00:20:33       linux/ ubuntu/ ssh/ hosting/ digital-ocean

问题描述

On my Linux server I have configured the root user to use an SSH key, and I added a new user with SSH key access, but that user can use the same key.在我的 Linux 服务器上,我已将 root 用户配置为使用 SSH 密钥,并添加了一个具有 SSH 密钥访问权限的新用户,但该用户可以使用相同的密钥。 I want to know if this is normal, or if each user should have a unique key for signing in remotely.我想知道这是否正常,或者每个用户是否应该有一个用于远程登录的唯一密钥。

When I configured the new user, I switched to that user then pasted the contents of the id_rsa.pub file that was generated when I created an SSH key for the root user to /home/user/.ssh/authorized_keys .当我配置新用户时,我切换到该用户,然后将在为 root 用户创建 SSH 密钥时生成的id_rsa.pub文件的内容粘贴到/home/user/.ssh/authorized_keys This is probably why they both have the same key, but when I tried generating a new key and pasting the id_rsa.pub file contents for that key instead I got a (publickey) error when I tried logging in as the new user.这可能就是为什么它们都具有相同的密钥,但是当我尝试生成新密钥并粘贴该密钥的id_rsa.pub文件内容时,当我尝试以新用户身份登录时出现(publickey)错误。

In other words, if the the two users don't share the same id_rsa.pub contents I can't login with the one that's different.换句话说,如果这两个用户不共享相同的id_rsa.pub内容,我就无法使用不同的用户登录。 How can I configure it so that each user has a unique key?如何配置它以便每个用户都有一个唯一的密钥?

1 个解决方案

解决方案1
 0  2022-09-17 03:25:54

It's a bad idea to give regular users the same ssh key as root;为普通用户提供与 root 相同的 ssh 密钥是一个坏主意; nothing would stop them from logging in as root instead of their own user identity.没有什么能阻止他们以 root 而不是他们自己的用户身份登录。 And it's generally a bad idea to let root log in at all once you have a regular user set up.一旦您设置了常规用户,让 root 登录通常是一个坏主意。 Use sudo or su from a regular user account.从普通用户帐户使用 sudo 或 su。 To use a different key for each user, you need the matching private key on the client machine your user is logging in from.要为每个用户使用不同的密钥,您需要在用户登录的客户端计算机上匹配私钥。

If the user name on the client matches the user name on the server and the private key matching the id_rsa.pub you added to the server's /home/user/.ssh/authorized_keys is stored on the client as /home/user/.ssh/id_rsa then you can log into the server with a simple ssh server_name (or server ip).如果客户端上的用户名与服务器上的用户名匹配,并且与您添加到服务器的 /home/user/.ssh/authorized_keys 的 id_rsa.pub 匹配的私钥在客户端上存储为 /home/user/.ssh /id_rsa 然后您可以使用简单的ssh server_name (或服务器 ip)登录服务器。 If the user name on the client doesn't match, then you need the server user, ie, ssh server_user@server_name .如果客户端上的用户名不匹配,则需要服务器用户,即ssh server_user@server_name And if the private key is somewhere other than /home/user/.ssh/id_rsa, you need ssh -i /path/to/private.key server_user@server_name .如果私钥不在 /home/user/.ssh/id_rsa 之外,则需要ssh -i /path/to/private.key server_user@server_name

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何添加用户以允许ssh隧道访问? - How do I add users to allow ssh tunneling access? 我可以在Linux系统上审核用户的活动,当用户登录,使用SSH身份共享用户? - Can I audit user activity on a linux system when users login as a shared user using an ssh identity? 如何通过 ssh 进入 Azure 上的“Web App On Linux”docker 容器? - How can I ssh into “Web App On Linux” docker container on Azure? Linux:如何使用 Apache 用户连接 SSH? - Linux: How can I SSH connect using Apache user? 如何在Linux Vagrant VM内设置桌面用户,使其表现为具有通常用户名,ssh键等的标准工具控制台? - How can I set up my desktop user inside a Linux Vagrant VM so that it behaves like a standard tools console with my usual username, ssh keys, etc.? 可以在非ssh应用程序中使用ssh密钥进行身份验证吗? - can I use ssh keys for authentication in non-ssh application? 关于Linux上的SSH密钥感到困惑 - Confused regarding ssh keys on linux 如何从Linux查询Windows注册表项? - How can I query Windows registry keys from Linux? 如何在Linux上将nagios添加为服务 - how can I add nagios as a service on linux 关闭PuTTY SSH会话后,如何运行仍在运行的Linux命令? - How can I run a Linux command that still runs after I close my PuTTY SSH session?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM