Authorized_keys are important files which has the information of public keys for public key authentication. By default location is ~/.ssh/authorized_keys. Here, ~ is users default home directory in system.
While working on SSH, we got requirement to centralize the authorized_keys of all users existing in system. In most of the system for SSH we use the OpenSSH package. Hence, the default location for SSH config file is
Centralizing the authorized_keys for all users is quite easy. We believe you already have some experience on public and private ssh key pairs, because for access user need SSH private key.
Step 1: List the users name exist in system
Gather the information of existing users from
/etc/passwd file . Make a list of users to whom you want to give access in system with SSH key authentication method.
For example , I found some valid users from system like –
joe mike Joseph
Step 2 : Create a new directory
Create a new directory inside /etc/ssh . This we will use this directory for placing all users keys.
mkdir -p /etc/ssh/KEYS
Step 3: Edit the sshd_config file
Now we will edit the sshd_config file. We will edit
AuthorizedKeysFile parameter in
First take backup of /etc/ssh/sshd_config file. In case, if something goes wrong we can revert back by copying the backup file to original.
cp -p /etc/ssh/sshd_config /etc/ssh/sshd_config.$(date +%F).backup
Quickly checking if AuthorizedKeysFile parameter exist in file.
egrep -v '^#|^$' /etc/ssh/sshd_config |grep AuthorizedKeysFile
If AuthorizedKeysFile parameter exist in system then edit in below given format or otherwise add below given line in /etc/ssh/sshd_config
Step 4: Create directories matches with user name
Create directories matches with user name whose authorized_keys file you want to centralize.
For root user , now we will centralize authorized_keys. Follow the given below steps
mkdir -p /etc/ssh/KEYS/root chown root:root /etc/ssh/KEYS/root chmod 755 /etc/ssh/KEYS/root
touch /etc/ssh/KEYS/root/authorized_keys chmod 644 /etc/ssh/KEYS/root/authorized_keys chown root:root /etc/ssh/KEYS/root/authorized_keys
Set centralized authorized_keys for all users
Just as we have completed in above steps, almost same step you have to follow for all users. For example, our user name is mike . Let’s set authorized_keys file for mike
mkdir -p /etc/ssh/KEYS/mike chown mike:mike /etc/ssh/KEYS/mike chmod 755 /etc/ssh/KEYS/mike
touch /etc/ssh/KEYS/mike/authorized_keys chmod 644 /etc/ssh/KEYS/mike/authorized_keys chown mike:mike /etc/ssh/KEYS/mike/authorized_keys
Get the public key content for user called mike and paste in /etc/ssh/KEYS/mike/authorized_keys file.
Same steps follow for each users. In case, you are good in scripting you can easily achieve this by using for..loop .
Step 5: Now reload the ssh service
In CentOS 7 / RHEL 7
systemctl reload sshd
In CentOS 6 / RHEL 6
service sshd reload
In Ubuntu / Debian
sudo service ssh reload