linux


Trying to connect to host using SSH CA


I'm trying to setup SSH certificate authorization, by configurin my certificate authority to authenticate users to my server.
I generate a new set of keys, which will I use to sign user
ssh-keygen -f users_ca
Then, I modify SSH daemon configuration to look for this, I open
/etc/ssh/sshd_config
and at the bottom I add the line:
TrustedUserCAKeys /etc/ssh/users_ca.pub
So these changes would take place, I restart SSH daemon
sudo service ssh restart
Then I transfer user's id_rsa.pub on server and sign with
ssh-keygen -s users_ca -I user_username -n username -V +52w id_rsa.pub
That gives me id_rsa-cert.pub file which I transfer to user and by that being done, user should connect to server without any problem.
But, when the user tries to connect using
ssh user#server.com
it gets the following message
no such identity: /home/user/.ssh/id_ed25519: No such file or directory
user#server.com's password:
When I type in the server's password it connects without any problem, but it shouldn't ask for it. Funny thing is, when I do the same steps on the user in virtual machine which is on my server, it connects without asking for the key.

Related Links

how to connet wired network in fedora/ubuntu via ISP (username and password)?
zabbix monitor custom service on centos7
Easy way to reopen a command previously written with CTRL+X, CTRL+E in bash?
How to Set up CRON in MAGENTO 1.9.2.4
Need help to find PID in shell script
Is the Common Clock Framework supported on Raspbian?
Can tmux save commands to a file, like .bash_history?
Arch Linux, Docker “No space left on device.”
Linux shell script for loop error
extract log time from log file
Docker: --ipc=host and security
GLIBC_2.14' not found - How to update
How to rename file and folder with the same case as a reference one
Loopback Interface on Linux does not work
CMake QNX crosscompile find_path and find_library works on Linux but not on Windows
Override whiplash exitstatus from msgbox

Categories

HOME
model
notifications
teamcity
recursion
express
mesos
data-mining
blender
sample
react-bootstrap
sqf
primavera
tweetinvi
html5-history
torch
mysqlbinlog
whitelist
core
spreadsheet
visual-paradigm
freeze
caddy
ssis-2012
point-clouds
wcs
django-forms
rx-android
css-transitions
jdbctemplate
hybrid-mobile-app
type-conversion
genie
afnetworking
mysql-python
cesium
pyzmq
zappa
robotics
atmega
pdfjs
uialertcontroller
jpgraph
forex
scrum
netflow
blas
android-drawable
wiremock
fsockopen
smartthings
ng-bind-html
linq-expressions
variadic-macro
alerts
wia
hive-udf
gwt-2.7
htk
graql
android-ksoap2
ansi-sql
xamarin.ios-binding
etw-eventsource
application-security
autobahnjs
requestanimationframe
qlistview
pop
goo.gl
android-update-app
elasticsearch-rails
openoffice-base
sat-solvers
steganography
rdio
windowsondevices
numerical-stability
distortion
antlr2
django-pyodbc
dojo-1.6
datetimeoffset
nested-sortable
ci-merchant
roleprovider
conio
ontopia
photosphere
urlhelper
axwindowsmediaplayer
mysql-management
aspect
ddd-repositories
symbol-tables
securitymanager
dedicated-hosting
abstract-interpretation
brownfield
nda

Resources

Mobile Apps Dev
Database Users
javascript
java
csharp
php
android
MS Developer
developer works
python
ios
c
html
jquery
RDBMS discuss
Cloud Virtualization
Database Dev&Adm
javascript
java
csharp
php
python
android
jquery
ruby
ios
html
Mobile App
Mobile App
Mobile App