Is Centralized SSH Public Key Authentication Possible?

Alan DeKok aland at deployingradius.com
Wed Feb 17 22:33:43 CET 2010


John L. Singleton wrote:
> I am trying to set up a centralized SSH authentication server that
> allows authentication via public keys.

  RADIUS doesn't do that.

> I can't find anything on the web about if this is possible with FR.
> Is it? Basically all I need is for FR to allow authentication off
> of a respective users's .ssh/.authorized_keys file.

  Er... no.  When the local SSHD reads the authorized_keys file, it does
a LOT of work using it.  You will need *transport* of all of that SSH
magic crypto stuff for it to work.

> So far all I can seem to get going is password authentication. Can
> anyone let me know if this is even doable?

  It's impossible.

  Alan DeKok.



More information about the Freeradius-Users mailing list