CA Signed Public Key User Authentication does not honor ~/.ssh/authorized_keys
Virender Khatri
vir.khatri at gmail.com
Thu Sep 26 02:55:27 EST 2013
Greetings,
I am using OpenSSH Signed Public Key authentication for servers ssh login.
All of the servers are setup with below sshd_config options:
TrustedUserCAKeys /etc/ssh/ca.pub # CA Public Keys
RevokedKeys /etc/ssh/revoke.pub # User Public Keys
When i started working on it, for ssh authentication i had to have CA
Public Key in User ~/.ssh/authorized_keys, like:
cert-authority ssh-rsa <user_key> <user_name>
But, now i am able to login without having CA Public Key in User '
~/.ssh/authorized_keys' file.
Even if i remove '' ~/.ssh/authorized_keys' file from for a user, i am able
to login.
I wanted to know whether it is no longer require or it is a bug.
OpenSSH Version - openssh-6.1p1-8.30.amzn1.x86_64.
-V
More information about the openssh-unix-dev
mailing list