Cybersecurity

Hi,

I set up the keys on local and remote server. If I simply do:

Code:

sftp xxx.xxx.xxx.xxx

It works without asking for a password. But if I change the command to:

Code:

sftp user@server

it prompts me for password.

Anybody know how to rectify this? Thanks a bunch.


EDIT: I copied the key into the other user's ~/.ssh/auhtorized_keys but that still does not work.

Is the remote key in authorized_keys EXACTLY the same character for character as the id_rsa.pub key for that user on the local system.

If you can read/write that user's .ssh directory (and you are not doing that as root) then the permissions (they should be 700 ) on the other user's .ssh directory are a problem. The perms on the other user's login directory should be 755 as well.

The ssh protocol (sftp, too) depend on directory permissions, and also require keys to be precise.

Yep, i scp'd the exact file over to the system. I will double check the perms tomorrow at work.
Also, do you know of a way to enable this feature for all users on the server? Instead of having to copy the authorized_keys file in everybody's directory? There are many users on the server I am working on.

---------- Post updated 04-24-12 at 09:17 AM ---------- Previous update was 04-23-12 at 08:05 PM ----------

What if the local server contains 60 users, but all want to use the same SFTP account on the remote server? How would that work?

You will have to create a single directory with 1777 permissions so they can all read/write there. Create an account like dummy_sftp that can ONLY get to that directory.

Then put all of the users public keys into dummy_sftp's .ssh/authorized_keys file.
You will have a problem if every user has identical file names they move around. Also, this is NOT secure. So if some of those files are protected data like HIPAA or payroll you have another problem because any user who can sftp there can get any file and read it.

google 'howto chroot' an sftp account to see how to do this.