On Fri, Sep 23, 2016 at 12:31:00PM +0000, Stephan Beck wrote: > I have created a new user account with > adduser --disabled-password > What do I want to do? > I'd like to login to this account "test" from my normal user account by > ssh via pubkey authentication. My (normal) user account has its keys > generated and properly deposited on localhost. I logged into the account > "test" via su - test, creating a keypair. Fine.
Typically, you want to create the keypair as the user on the machine which will be the client. This way the private key never has to be touched, moved, looked at, etc. So, you want to ssh FROM user "stephan" on this machine TO user "test" on this (same) machine The private key needs to reside in ~stephan/.ssh/ where the client will see it. The public key needs to be concatenated into ~test/.ssh/authorized_keys where the server will see it. > How do I get this public key onto localhost? Trick question. You are already on the correct machine. You just need to have everything in the correct places (files/directories) with the correct ownerships. > I mean, I can create an authorized_keys file manually, copying the > public key into this authorized_keys file, but it's still in the user's > directory where it has been generated, it needs to be sent (or get > somehow) to localhost. As user stephan: stephan@hostname:~$ ssh-keygen As user root: stephan@hostname:~$ sudo mkdir -p ~test/.ssh stephan@hostname:~$ sudo sh -c 'cat ~stephan/.ssh/id_rsa.pub >> ~test/.ssh/authorized_keys' stephan@hostname:~$ sudo chown test ~test/.ssh ~test/.ssh/authorized_keys stephan@hostname:~$ sudo chmod 700 ~test/.ssh stephan@hostname:~$ sudo chmod 600 ~test/.ssh/authorized_keys (Of course, if you prefer you could just obtain a root shell and then run all of the commands without sudo.) As user stephan, to test that it works: stephan@hostname:~$ ssh test@localhost id If your username isn't actually "stephan", substitute accordingly.
