Ssh – Give private key ownership to user without /home

chownprivate-keysftpssh

so I am looking to set up ssh private/public keys between two servers, for use with sftp (and ultimately lftp using sftp – but one step at a time).

I have created the private and public keys, and found that in order to use them, the private key must be owned and only readable by the user connecting.

The problem is, the user I am connecting as doesn't have a /home/ directory on either server (and only exists on the remote server), so when I try to chown, I get chown: invalid user: {userName} – because it doesn't exist locally.

Can anyone suggest a way around this?

–Edit–

I used getent passwd on both servers, and found that the user only exists on the server I'm sftping to. So when I connect as that user (sftp weirdUser@remoteHost), how can I do this using private/public keys?

Best Answer

You need a ~/.ssh/config file on your local server that will associate your key with the user on the remote server such as:

Host yourremoteserver
    User weirduser
    IdentityFile /home/mylocaluser/.ssh/id_rsa

If you want to create a unique key just for weirduser@yourremoteserver use the -f option on ssh-keygen:

ssh-keygen -t rsa -b 1024 -f weirduser

and replace the IdentifyFile line in the ~/.ssh/config file with:

IdentityFile /home/mylocaluser/.ssh/weirduser

Whichever key you decide to use (the default id_rsa or weirduser), you'll need the contents of the corresponding .pub file inserted into weirduser's authorized_keys on the remote server. After you have your config file setup, try (it'll prompt for the remote password then copy the .pub file to the correct authorized_keys):

ssh-copy-id weirduser@yourremoteserver

(Or you could do this manually)

Related Solutions

SSH – How to Change Private Key Passphrase

To change the passphrase on your default key:

$ ssh-keygen -p

If you need to specify a key, pass the -f option:

$ ssh-keygen -p -f ~/.ssh/id_dsa

then provide your old and new passphrase (twice) at the prompts. (Use ~/.ssh/id_rsa if you have an RSA key.)

More details from man ssh-keygen:

[...]
SYNOPSIS
    ssh-keygen [-q] [-b bits] -t type [-N new_passphrase] [-C comment]
               [-f output_keyfile]
    ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]
[...]
     -f filename
             Specifies the filename of the key file.
[...]
     -N new_passphrase
             Provides the new passphrase.

     -P passphrase
             Provides the (old) passphrase.

     -p      Requests changing the passphrase of a private key file instead of
             creating a new private key.  The program will prompt for the file
             containing the private key, for the old passphrase, and twice for
             the new passphrase.
[...]

SSH Key – How to Create a Public Key from a Private Key

Use the -y option to ssh-keygen:

ssh-keygen -f ~/.ssh/id_rsa -y > ~/.ssh/id_rsa.pub

From the 'man ssh-keygen'

 -y      This option will read a private OpenSSH format file and print an
         OpenSSH public key to stdout.

Specify the private key with the -f option, yours might be dsa instead of rsa. The name of your private key probably contains which you used. The newly generated public key should be the same as the one you generated before.

Best Answer

Related Solutions

SSH – How to Change Private Key Passphrase

SSH Key – How to Create a Public Key from a Private Key

Related Topic