
SSH authenticate with public key (not private key)

Is it possible to connect to a server using a public key? The server holds the private key in authorized_keys, and the client can connect with: ssh -i id_rsa.pub server

It is the exact opposite of the usual way with public/private keys: the client keeps the public key, and the server holds the private key.

Now the reason: For machines being deployed to customers, I want to set up a remote connection to rescue the machines in case of problems.

  1. the machine initiates a reverse SSH connection to the rescue server: connect using the public key (the same on all the machines: ssh -i id_rsa.pub -NR 64000:localhost:22 rescue@server)
  2. the machine opens a channel, but cannot execute commands (prompt /bin/false)
  3. on the server, do an SSH to the machine through the open channel and authenticate with the private key (the usual way: ssh -i id_rsa -p 64000 localhost).

You can't use keys to authenticate in the opposite order of private/public, because of the way asymmetric cryptography works.

An alternative solution for you can be to use OpenSSH certificates, as described in the manual pages and many how-tos.
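
The certificate approach the answer points to, as an added example that is not part of the original post: each machine gets its own key pair, and a CA key held by the operator signs the machine's public key with every permission cleared except port forwarding. The file names, the key ID and the use of `rescue` as the certificate principal are assumptions chosen to match the question's setup.

```shell
#!/bin/sh
# Added example: sign a per-device key with an OpenSSH user CA so that the
# certificate allows port forwarding only. File names, the key ID and the
# "rescue" principal are assumptions, not values from the original post.

# issue_rescue_cert DIR DEVICE_ID -> prints the path of the signed certificate
issue_rescue_cert() {
    dir=$1; device_id=$2

    # CA key pair: the private half stays with the operator, never on devices.
    [ -f "$dir/rescue_ca" ] ||
        ssh-keygen -q -t ed25519 -N '' -C 'rescue CA' -f "$dir/rescue_ca" || return 1

    # Per-device key pair (in practice generated on the device itself, so the
    # device private key never leaves it).
    ssh-keygen -q -t ed25519 -N '' -C "$device_id" -f "$dir/$device_id" || return 1

    # Sign the device public key: drop all default permissions (pty, agent and
    # X11 forwarding, user rc), re-enable port forwarding only, limit validity
    # to 52 weeks and bind the certificate to the principal "rescue".
    ssh-keygen -q -s "$dir/rescue_ca" -I "$device_id" -n rescue -V +52w \
        -O clear -O permit-port-forwarding "$dir/$device_id.pub" || return 1

    echo "$dir/$device_id-cert.pub"
}

# trust_line DIR -> line for ~rescue/.ssh/authorized_keys on the rescue server.
# One line trusts every certificate the CA signs, so no per-device entries.
trust_line() {
    printf 'cert-authority,principals="rescue" %s\n' "$(cat "$1/rescue_ca.pub")"
}
```

With `device01` and `device01-cert.pub` side by side, `ssh -i device01 -NR 64000:localhost:22 rescue@server` presents the certificate automatically, and `ssh-keygen -L -f device01-cert.pub` shows what it permits.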
