Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 5th January 2012, 01:10
bendiy bendiy is offline
Junior Member
 
Join Date: Jan 2012
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Default Jailkit Shell User login without password?

I'm trying to add a public key to a jailkit shell user so they can login without entering a password. Adding the key to a /home/username/.ssh directory doesn't seem to work.

Is this possible?

If so, how can I set it up?

Thanks!
Reply With Quote
Sponsored Links
  #2  
Old 5th January 2012, 09:11
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,488
Thanks: 813
Thanked 5,258 Times in 4,122 Posts
Default

Add the key in iSPConfig to the ssh key field in the shell user settings.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 5th January 2012, 20:10
bendiy bendiy is offline
Junior Member
 
Join Date: Jan 2012
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I've upgraded to 3.0.4.1, so I now have the "SSH-RSA Public Key" field for the shell user. I add the pub key like so:
Code:
ssh-rsa AAAABBBB....ZZZZ=
After saving, it still doesn't work. I get prompted for the password after connecting.
Code:
ssh shellusername@192.168.0.1
shellusername@192.168.0.1's password:
I've verified that both of these were created, but as root user and group:
Code:
/var/www/clients/client123/web123/home/shellusername/authorized_keys
/var/www/clients/client123/web123/.ssh/authorized_keys
The above key is in the authorized_keys files as one line.

Should the user and group be root?
Reply With Quote
  #4  
Old 5th January 2012, 20:17
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,488
Thanks: 813
Thanked 5,258 Times in 4,122 Posts
Default

The permissions are wrong, the .ssh folder and its content should be owned by the ssh user and client group. This problem has been fixed in the latest RC:

http://www.howtoforge.com/forums/showthread.php?t=55647
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #5  
Old 5th January 2012, 20:38
bendiy bendiy is offline
Junior Member
 
Join Date: Jan 2012
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I just upgraded to the RC1 you linked to. Still no luck.

It did create the directory and files with the correct user and group this time, but it's still prompting for the password.

Do I need to set the user to "--disabled-password" or enable "RSAAuthentication yes" in ssh_config? I'm coming from a pretty much stock http://www.howtoforge.com/perfect-se...nx-ispconfig-3

Thanks for the help.
Reply With Quote
  #6  
Old 6th January 2012, 19:45
bendiy bendiy is offline
Junior Member
 
Join Date: Jan 2012
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I've got it working now.

I had set the folder to:
Code:
chmod -R g+w shelluserdir
I want to allow another user to have access to that folder, but I guess this breaks the ssh login via key. Is there a Jailkit setting to allow this? I had to turn on to be able to even log in via ssh with a password after making the above change:
/etc/jailkit/jk_chrootsh.ini
Code:
[shelluser]
relax_home_group_permissions=1
Reply With Quote
  #7  
Old 6th January 2012, 20:05
bendiy bendiy is offline
Junior Member
 
Join Date: Jan 2012
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default

This looks like it works.

Change it back to no group write:
Code:
chmod -R g-w shelluserdir
Then set a sub-directory to group write:
Code:
chmod -R g+w shelluserdir/sub-dir
That allows my other use to access and write files. They just cannot save in the root of the home directory which is fine.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Need help with ISPConfig Mail and Squirrelmail m.xander Installation/Configuration 109 3rd February 2012 00:15
accounts can't login since resetting my MySQL root password mistr_e Installation/Configuration 7 24th October 2011 18:59
Squirrelmail login error "Unknown user or password " JESUSSAVES Installation/Configuration 0 3rd October 2011 19:16
Vhosts...conf not synced to changes crypted General 50 24th April 2010 00:54
Samba LDAP, Webmin User password mperreault Server Operation 0 26th August 2008 14:34


All times are GMT +2. The time now is 11:44.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.