using the same public ssh key on two different accounts
https://stackoverflow.com/questions/4083329
-
28-09-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
here is the situation: i have one machine which lives at my house (lets call it house_machine) and i have another machine at my office (call this one office_machine). im using ssh with dsa key authentication and without password authentication to access home_machine from office_machine. i have set up an ssh server on home_machine and added the public key generated on office_machine to the authorized_keys file on home_machine. this works fine - i can ssh in to home_machine from office_machine just using the key and no password.
now the question: i would like to be able to access home_machine when i visit other offices simply by using the public key belonging to office_machine. ie i would like to put the public key (id_dsa.pub) on a usb drive and just copy it to the .ssh directory at another office. from what i have read on this site, others seem to have been able to do this type of thing, however it isnt working. when i try simply placing id_dsa.pub on a new machine and doing ssh -v user@home_machine the debug message ends with:
debug1: Offering public key: .ssh/id_dsa debug1: Server accepts key: pkalg ssh-dss blen 433 debug1: read PEM private key done: type DSA debug1: Authentications that can continue: publickey debug1: No more authentication methods to try. Permission denied (publickey).
my temporary solution has been to set "PasswordAuthentication yes" in sshd_config on home_machine, and just use a password to get to home_machine. however this voids the point of using key-authorisation.
thanks in advance!
Solution
You need to copy more than just the public key - you need the private key.
In ssh, you place the public on the server side but the client side needs to have the private key.
You want to copy over the id_dsa file (not id_dsa.pub) to your USB key (make sure it's protected with a passphrase, in case it gets lost!).
You can then use that key to login to home_machine from any machine that has access to the key:
ssh -i /path/to/id_dsa user@home_machine
(it looks like you might already have a different private key on office_machine, judging by what you pasted - You might look into using ssh-agent)
Also, check /var/log/secure to see why your sshd might be rejecting key authentication (it's often an issue of permissions on the .ssh directory and its ancestors).
