Saturday, January 29, 2011

How do I ssh into a box as another user given that host user has no ssh key on the remote machine

Let's say that my user name on my Mac machine is John.

I have a fully configured slicehost account. Note that on this slice there is no ssh key for John.

Now I configure this box for ssh access for user deploy.

On my mac machine I have the private key for user deploy. Slicehost has public key for user deploy.

Again, slicehost has nothing for user John.

If I want to ssh into the slicehost box as user deploy, do I need to put the public key for John there too?

  • No. The username has nothing to do with the public/private key pair. It's not recorded anywhere in either key. So long as you place the public key in a user's .ssh/authorized_keys file you can log in as that user by using the private key.

    : Just trying to make sure that I understand correctly. As long as John has the private key for deploy and the public key for deploy is in the authorized_keys file, John should be able to log in as deploy.
  • Sort of.

    You need to put your public key for the account you're coming from on the remote server. If that is your John key, then put that key on the server that you are connecting to using the appropriate account for the server you are connecting to.

    In your case, you're connecting as deploy. So, when you connect, you'll type:

    ssh deploy@slicehost
    

    If your key for John is in the .ssh/authorized_keys file of the account deploy, then you'll get direct access.

    : Doesn't that defeat the whole purpose of logging in as someone else? So in this case it seems I need to put the public key for both John and deploy in the authorized_keys file.
    Jim : No. We do this all the time for sftp backups. We generate a public/private key pair on whichever system we need to back up. Then we put the public key for that account/machine on our backup server under a user, backup-user, for instance. Then to back up from the client machine we sftp to backup-user@backup_machine. The user on the client machine doesn't matter. It just matters that a public key for that machine is in the authorized_keys file on the backup server under the backup-user account's .ssh directory. Works like a charm.
    From Jim
  • You will need to specify both that you want to log in as user "deploy" and also specify the identity file for deploy.

    ssh -i ~/.ssh/id_deploy.rsa deploy@slicehost
    

    Where id_deploy.rsa is the private key file corresponding to the authorized key you uploaded to the slicehost account.
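
The first answer's point, that the key pair records no username and only the key material listed in the target account's authorized_keys file matters, shown as an added example (not code from the original thread): a Python check that matches a public key against authorized_keys by key blob and ignores the trailing comment. The key bytes, comments, option string and function names are constructed for illustration.

```python
import base64
import hashlib
import struct

def parse_entry(line):
    """Parse one authorized_keys or .pub line into (key_type, blob, comment)."""
    tokens = line.split()
    if not tokens or tokens[0].startswith("#"):
        return None
    # Leading options (command="...", no-pty, ...) may precede the key type,
    # so accept the first token pair where the blob names its own key type.
    for i in range(len(tokens) - 1):
        try:
            blob = base64.b64decode(tokens[i + 1], validate=True)
        except ValueError:
            continue
        if len(blob) >= 4:
            (n,) = struct.unpack(">I", blob[:4])
            if blob[4:4 + n] == tokens[i].encode():
                return tokens[i], blob, " ".join(tokens[i + 2:])
    return None

def fingerprint(blob):
    """SHA256 fingerprint in the form ssh-keygen -l prints."""
    digest = base64.b64encode(hashlib.sha256(blob).digest()).decode()
    return "SHA256:" + digest.rstrip("=")

def matching_entries(pub_line, authorized_keys_text):
    """Comments of the entries holding the same key as pub_line."""
    wanted = parse_entry(pub_line)
    if wanted is None:
        raise ValueError("not a public key line")
    entries = map(parse_entry, authorized_keys_text.splitlines())
    return [e[2] for e in entries if e and e[1] == wanted[1]]

def constructed_line(key_bytes, comment):
    """Build a format-valid ssh-ed25519 line from constructed key bytes."""
    def s(b): return struct.pack(">I", len(b)) + b
    blob = s(b"ssh-ed25519") + s(key_bytes)
    return f"ssh-ed25519 {base64.b64encode(blob).decode()} {comment}"

# Constructed sample data, not real keys.
KEY_A, KEY_B = bytes(range(32)), bytes(range(32, 64))
LAPTOP_PUB = constructed_line(KEY_A, "john@macbook")
DEPLOY_AUTHORIZED_KEYS = "\n".join([
    "# ~deploy/.ssh/authorized_keys (constructed)",
    'command="echo backup only",no-pty ' + constructed_line(KEY_B, "backup box"),
    constructed_line(KEY_A, "deploy key"),
])

if __name__ == "__main__":
    blob = parse_entry(LAPTOP_PUB)[1]
    print(fingerprint(blob), matching_entries(LAPTOP_PUB, DEPLOY_AUTHORIZED_KEYS))
```

The same comparison is useful when auditing a server: listing fingerprints per account shows which keys unlock which users, whatever label the comment field carries.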
