ssh authorized_keys file location and permissions

I am confused on the permissions that ssh requires when dealing with custom authorized_keys files.

For example, assuming that we have a server the following line in file /etc/ssh/sshd_config:

AuthorizedKeysFile .ssh/authorized_keys /etc/ssh/authorized_keys

It means that theoretically we can access the server with all the keys inserted in those two files, considering that .ssh/authorized_keys is a per-user file (meaning that we can log in with user root using the keys in file /etc/ssh/authorized_keys and /home/root/authorized_keys).

Now, how can this even work a non-root user for /etc/ssh/authorized_keys, if when using the default mode StrictMode yes does not allow to use the authorized_keys file unless the parent folders are with permission 0700 and owned by the user (which is not the case here) and the file is owned by the user and has permission 0600 (that we can assume is the case)?

Ssh won't accept the keys in /etc/ssh/authorized_keys for a non-root user, since the permission are not correct for that user (the owner of /etc/ssh is root).

Or am I missing something?

3 Sorted by: Reset to default

Know someone who can answer? Share a link to this question via email, Twitter, or Facebook.

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password Submit

Post as a guest

Post Your Answer Discard

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy