linux


Trying to connect to host using SSH CA


I'm trying to setup SSH certificate authorization, by configurin my certificate authority to authenticate users to my server.
I generate a new set of keys, which will I use to sign user
ssh-keygen -f users_ca
Then, I modify SSH daemon configuration to look for this, I open
/etc/ssh/sshd_config
and at the bottom I add the line:
TrustedUserCAKeys /etc/ssh/users_ca.pub
So these changes would take place, I restart SSH daemon
sudo service ssh restart
Then I transfer user's id_rsa.pub on server and sign with
ssh-keygen -s users_ca -I user_username -n username -V +52w id_rsa.pub
That gives me id_rsa-cert.pub file which I transfer to user and by that being done, user should connect to server without any problem.
But, when the user tries to connect using
ssh user#server.com
it gets the following message
no such identity: /home/user/.ssh/id_ed25519: No such file or directory
user#server.com's password:
When I type in the server's password it connects without any problem, but it shouldn't ask for it. Funny thing is, when I do the same steps on the user in virtual machine which is on my server, it connects without asking for the key.

Related Links

grep multiple strings on multiple file
make install error 'nothing to be done'
safe unloading of kernel module
How to echo arguments in loop in bash
Linux segmentation fault
copy files from one path to another path in linux
Forbidden: cannot access / on server
Shell Script - Using sed with a variable having /
My .rpm package needs to restart the system. So, how can I define it in the .spec file?
Linux shell script to remove 2 day old frozen emails from exim queue
ssh: connect to host localhost port 2222: Connection refused [closed]
How to Reverse SSH from Shell Script
aliasing sudo with zshrc - gets “aliased to nocorrect sudo”
how to print block of lines not matching a block
substitution of a word with two words and a space using sed
'/usr/bin/ld: cannot find -lecore_input' but libecore_input.so exists when compiling Terminology

Categories

HOME
ribbon
identityserver3
morea-framework
bazel
networking
hibernate-envers
rss
peoplesoft
money
jquery-globalize
milo
backgrid
content-security-policy
android-volley
hl7
overlay
spring-el
messagebroker
blueprint-osgi
pool
calculated-columns
hiddenfield
hdinsight
pdfjs
google-sitemap
multiple-return-values
cgi
traits
rtl
sulu
openvz
ocamlfind
sonar-runner
6502
wrapping
expert-system
google-font-api
f#-data
android-googleapiclient
xlrd
open-uri
spring-test-dbunit
python-3.3
sliding-window
mina
sikuli-ide
bea
spark-notebook
ginac
craigslist
socialauth
skphysicsbody
tla+
android-update-app
ec2-api-tools
xcode7.2
bitstring
customer
digital-filter
http-status-code-304
dexclassloader
sony-smartwatch
torque
rackspace
juce
palette
expectj
attr-accessible
specs
android-lvl
radmenu
aspect
ilgenerator
wse2.0
lazy-registration
mfc-networking

Resources

Mobile Apps Dev
Database Users
javascript
java
csharp
php
android
MS Developer
developer works
python
ios
c
html
jquery
RDBMS discuss
Cloud Virtualization
Database Dev&Adm
javascript
java
csharp
php
python
android
jquery
ruby
ios
html
Mobile App
Mobile App
Mobile App