Is Centralized SSH Public Key Authentication Possible?
Alan DeKok
aland at deployingradius.com
Wed Feb 17 22:33:43 CET 2010
John L. Singleton wrote:
> I am trying to set up a centralized SSH authentication server that
> allows authentication via public keys.
RADIUS doesn't do that.
> I can't find anything on the web about if this is possible with FR.
> Is it? Basically all I need is for FR to allow authentication off
> of a respective users's .ssh/.authorized_keys file.
Er... no. When the local SSHD reads the authorized_keys file, it does
a LOT of work using it. You will need *transport* of all of that SSH
magic crypto stuff for it to work.
> So far all I can seem to get going is password authentication. Can
> anyone let me know if this is even doable?
It's impossible.
Alan DeKok.
More information about the Freeradius-Users
mailing list