Is Centralized SSH Public Key Authentication Possible?

Nick Owen owen.nick at gmail.com
Wed Feb 17 23:47:52 CET 2010


On Wed, Feb 17, 2010 at 3:24 PM, John L. Singleton <jsinglet at gmail.com>wrote:

> Hi All,
>
> I am trying to set up a centralized SSH authentication server that allows
> authentication via public keys. I can't find anything on the web about if
> this is possible with FR. Is it? Basically all I need is for FR to allow
> authentication off of a respective users's .ssh/.authorized_keys file. So
> far all I can seem to get going is password authentication. Can anyone let
> me know if this is even doable?--
>


You are probably barking up the wrong tree with freeradius.  Check out this
tutorial I wrote on setting up a centralized SSH server:
http://www.howtoforge.net/secure_ssh_with_wikid_two_factor_authentication.
The difference is that I suggest using two-factor authentication with OTPs
to get into the key server (because public key SSH does not meet certain
regulatory requirements).   You may want to use Freeradius to route  the
OTPs to the auth server.

HTH,

nick


-- 
Nick Owen
WiKID Systems, Inc.
404.962.8983
http://www.wikidsystems.com
Commercial/Open Source Two-Factor Authentication
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100217/ed9e9b71/attachment.html>


More information about the Freeradius-Users mailing list