Menu
I am experimenting with vagrant and I see that when I run vagrant, the vagrant box already has an authorized_keys file in ~/.ssh/
Inside is an rsa key. What is the difference in this key and if I create an id_rsa.pub public key myself using
ssh-keygen -t rsa -b 4096 -C "[email protected]"
779
The authorized_keys file in SSH specifies the SSH keys that can be used for logging into the user account for which the file is configured. It is a highly important configuration file, as it configures permanent access using SSH keys and needs proper management.
authorized_keys is a file that allows you to add ssh public keys of users that should be allowed to log into your server (the server in which the authorized_keys file lives) using key based auth. known_hosts is a file that contains a list of keys from... known hosts that you have logged into.
They're a key pair: id_rsa is your private key -- it should be kept secret, so that only you can use it; and id_rsa. pub is your public key -- you give it out so that others can verify that a given signature came from your private key.
The $HOME/. ssh/authorized_keys file lists the RSA keys that are permitted for RSA authentication in SSH protocols 1.3 and 1.5 Similarly, the $HOME/. ssh/authorized_keys2 file lists the DSA and RSA keys that are permitted for public key authentication (PubkeyAuthentication) in SSH protocol 2.0.
id_rsa.pub is a public key that you add to other hosts' authorized_keys files to allow you to log in as that user. Vagrant has one so it can be added to other hosts' authorized_keys files so it can log in automatically. The one you generated with ssh-keygen is for you to use, not Vagrant.
authorized_keys is a list of public keys that are allowed to log into that specific account on that specific server.
Think of id_rsa.pub as a signature for a specific user and authorized_keys as a list of authorized signatures who can log into that account on that specific host without a password (assuming they can prove they own the signature).
84
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
