Hi Michael, Yes, you described the correct behavior.
Of course rebooting would always work as expected. The reason changing /mnt/kd/ssh_keys and then restarting sshd does not work without first removing /root/.ssh/authorized_keys is there is an option to make "/root" persistent rather than RAM based, in that case /mnt/kd/ssh_keys has no effect as the user has chosen to manage their /root/.ssh/authorized_keys directly. Hence the test for a pre-existing /root/.ssh/authorized_keys when the sshd service handles /mnt/kd/ssh_keys. I prefer to use the default, RAM based "/root". So yes, if you make a change to /mnt/kd/ssh_keys and want a service sshd stop/init to update /root/.ssh/authorized_keys, you must first remove /root/.ssh/authorized_keys. I agree that by supporting both RAM based and persistent "/root" may cause some confusion related to ssh keys. Lonnie On May 7, 2013, at 6:17 AM, Michael Knill wrote: > To the group > > I am looking to give multi user access to my systems via SSH keys in the > authorized_keys file. I was of the assumption that the authorised_keys file > is completely dynamic, taking its contents from /mnt/kd/ssh_keys. This does > not appear to be the case however as it only works for me if the > authorised_keys file is non existent. In other words, once written, it is not > over written unless you delete it. > > Is this the correct behaviour? Does it get written to astrw? Should I just > delete it prior to restarting sshd? > > Regards > Michael Knill ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may _______________________________________________ Astlinux-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [email protected].
