没有主目录的用户的SSH公钥 [英] SSH Public Key for user without home directory
问题描述
我正在运行Mac OS X Leopard Server,并且创建了一个新用户,而没有为该用户指定主目录.可以使该用户使用公共密钥进行身份验证吗?
I'm running a Mac OS X Leopard Server and I created a new user without designating a home directory for that user. Is it possible to have that user authenticate using a Public Key?
我知道,当用户有有主目录时,它将进入~/.ssh/authorized_keys
I know that when a user does have a home directory it goes in to ~/.ssh/authorized_keys
我不想为此用户创建主目录,因为我的理解是,如果给定物理访问权限,则该目录将允许他们登录.
I don't want to create a home directory for this user because my understanding is it would then allow them to login if given physical access.
更新:我需要允许该用户仅进行安全FTP连接.将Login Shell设置为/bin/false/
也会阻止它们也进行远程连接.
UPDATE: I need to allow this user to do a Secure FTP connection only. Setting the Login Shell to /bin/false/
will prevent them from connecting remotely as well.
推荐答案
您必须编辑/etc/ssh/sshd_config
或它在计算机上的位置,并更改AuthorizedKeysFile
设置.
You have to edit /etc/ssh/sshd_config
or where it is located on your machine and change the AuthorizedKeysFile
setting.
文档说:
AuthorizedKeysFile
Specifies the file that contains the public keys that can be used
for user authentication. AuthorizedKeysFile may contain tokens of
the form %T which are substituted during connection setup. The fol-
lowing tokens are defined: %% is replaced by a literal '%', %h is
replaced by the home directory of the user being authenticated, and
%u is replaced by the username of that user. After expansion,
AuthorizedKeysFile is taken to be an absolute path or one relative
to the user's home directory. The default is
``.ssh/authorized_keys''.
但是为什么您的用户(可以登录)却没有家?
But why do you have users (that can login) without a home?
这篇关于没有主目录的用户的SSH公钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!