Centralized SSH Keys

There are times when it is beneficial to take control of SSH key management on a server. This brief tutorial will centralize all user SSH keys to a single location and allow root to manage them.

We will be keeping all keys in a single directory located in /etc/ssh/authorized_keys. Within the directory, there will be a file for each user account containing its authorized_keys.

The commands below configure the server for centralized SSH keys and add an SSH public key to a user's key file.

Create the directory:

mkdir /etc/ssh/authorized_keys

Create a file for each user account and add a key:

touch /etc/ssh/authorized_keys/username
cat id_rsa.pub >> /etc/ssh/authorized_keys/username

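Ensure the created file has the proper permissions or else authentication will not work. sshd opens the key file with the privileges of the user who is logging in, so a root-owned file must be readable by that user, and it must not be writable by group or others.

chmod 644 /etc/ssh/authorized_keys/username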

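Inside the SSH daemon configuration file, you will have to edit the AuthorizedKeysFile directive. Open /etc/ssh/sshd_config with your favorite text editor (hopefully VIM) and make the following changes.

Leave the default line commented out and set AuthorizedKeysFile to the centralized path. sshd expands %u to the name of the user who is logging in.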

#AuthorizedKeysFile     .ssh/authorized_keys
AuthorizedKeysFile      /etc/ssh/authorized_keys/%u
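
The ownership and permission requirements of this setup can be checked mechanically. The script below is an added example, not part of the original tutorial: it audits the key directory for files that sshd would refuse under StrictModes or that the login user could not read. The function names and message labels are illustrative, and it assumes key files are meant to be owned by root.

```shell
#!/bin/sh
# Added example: audit a centralized AuthorizedKeysFile directory.
# audit_keydir DIR [OWNER] prints one line per finding, returns 1 if any.
# OWNER defaults to root (assumption); names and labels are illustrative.

has_perm() {   # has_perm PATH MODE: true if every bit in MODE is set
    [ -n "$(find "$1" -prune -perm "-$2" 2>/dev/null)" ]
}

owned_by() {   # owned_by PATH OWNER: OWNER may be a name or numeric uid
    [ -n "$(find "$1" -prune -user "$2" 2>/dev/null)" ]
}

audit_keydir() {
    dir=$1; owner=${2:-root}; bad=0
    [ -d "$dir" ] || { echo "MISSING $dir"; return 1; }
    for p in "$dir" "$dir"/*; do
        [ -e "$p" ] || continue   # empty directory: glob did not match
        owned_by "$p" "$owner" || { echo "OWNER $p: not owned by $owner"; bad=1; }
        # StrictModes rejects group- or world-writable key files
        # and parent directories.
        if has_perm "$p" 020 || has_perm "$p" 002; then
            echo "WRITABLE $p: group/world writable"; bad=1
        fi
        # sshd opens the file with the login user's privileges, so a file
        # owned by someone else must be readable by others (r-x on the dir).
        if [ -d "$p" ]; then need=005; else need=004; fi
        has_perm "$p" "$need" || { echo "UNREADABLE $p: others lack $need"; bad=1; }
    done
    return "$bad"
}

# Usage: audit_keydir /etc/ssh/authorized_keys
```

Run it as root after adding keys. `sshd -t` validates the edited sshd_config before the daemon is reloaded.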

