Skip to main content

SSH Key Login for Encrypted Home Directory

When the Linux home directory is encrypted, you will not be able to use ssh key login by simply copying ssh-copy-id mechanism. to overcome this issue you will have to move the authorized key out of home directory as default location is inside the home directory which is encrypted in this scenario.

Let's take client as the machine your currently logged in and server as the machine you want to access using ssh keys.

1. log in to the client and do a ssh-copy-id

ssh-copy-id -i .ssh/id_rsa.pub <user-name>@<server-ip>




2. now log in to server and copy the authorized file to a different location

cp ~/.ssh/authorized_keys /etc/ssh/nuwan/authorized_keys

3. check the owner of the file moved. it should be accessible by our user. if not change owner as following

sudo chown <user-name> authorized_keys

4. set the file permission

 chmode 640 authorized_keys

5. now we should configure sshd file for the new ssh suthorzed file location. go to
/etc/ssh/sshd_config and uncomment AuthorizedKeysFile line and set the path for the authorizised file
AuthorizedKeysFile      /etc/ssh/nuwan/authorized_keys

6. as the final step sshd service restart is required.

    sudo service sshd restart

now we are done. test the connectivity by log in to client and issue the following command.
 ssh  <user-name>@<server-name>

you should be log without entering the password.
Labels:

Comments

Post a Comment

Popular posts from this blog

Oracle Database 12c installation on Ubuntu 16.04

This article describes how to install Oracle 12c 64bit database on Ubuntu 16.04 64bit. Download software  Download the Oracle software from OTN or MOS or get a downloaded zip file. OTN: Oracle Database 12c Release 1 (12.1.0.2) Software (64-bit). edelivery: Oracle Database 12c Release 1 (12.1.0.2) Software (64-bit)   Unpacking  You should have following two files downloaded now. linuxamd64_12102_database_1of2.zip linuxamd64_12102_database_2of2.zip Unzip and copy them to \tmp\databases NOTE: you might have to merge two unzipped folders to create a single folder. Create new groups and users Open a terminal and execute following commands. you might need root permission. groupadd -g 502 oinstall groupadd -g 503 dba groupadd -g 504 oper groupadd -g 505 asmadmin Now create the oracle user useradd -u 502 -g oinstall -G dba,asmadmin,oper -s /bin/bash -m oracle You will prompt to set to password. set a momorable password and write it down. ...
9 comments
Read more

DBCA : No Protocol specified

when trying to execute dbca from linux terminal got this error message. now execute the command xhost, you probably receiving No protocol specified xhost:  unable to open display ":0" issue is your user is not allowed to access the x server. You can use xhost to limit access for X server for security reasons. probably you are logged in as oracle user. switch back to default user and execute xhost again. you should see something like SI:localuser:nuwan solution is adding the oracle to access control list xhost +SI:localuser:oracle now go back to oracle user and try dbca it should be working
2 comments
Read more

Java Multithreading 2021

Thread Thread Is a subprocess that follows a separate execution path, different stack frame and executes independently but they share the same process resources.  Multithreading is the process of executing one or more threads simultaneously that helps in executing multiple tasks at the same time. Advantages less memory fast efficient Supports multitasking Exception in one thread does not affect the other    Thread lifecycle New Runnable Running Non-Runnable Terminated   Ways to create a thread? Extending Thread class Implementing Runnable class   Thread.start() vs Thread.run() Class java.lang.Thread .start() Creates a new thread and the run() method is executed on the newly created thread. Can’t be invoked more than one time otherwise throws java.lang.IllegalStateException.  Interface java.lang.Runnable.run(), No new thread is created and the run() method is executed on the calling thread itself. Multiple invocation is possible   Constructors of a th...
Post a Comment
Read more