Installing your SSH public key on the SSH server

In this section, we will configure the OpenSSH server to allow automatic login using smartcards.

Configuring OpenSSH server is out of the scope of this tutorial, so we give limited information.

OpenSSH Authorization file

OpenSSH server authorization file is located in:
/home/your_username/.ssh/authorized_keys

The authorized_keys fils contains all SSH public keys, which are allowed to connect to your home directory.

Modifying SSH authorization file

Connect to your SSH Server and browser to your home folder.

Browse to the .ssh folder.
If there is no .ssh folder, create it.

There should be a file names authorized_keys:

• If this file exists, open it and add you SSH public key.
• If this file does not exist, create it and add you SSH public key.

In our example, /home/your_username/.ssh/authorized_keys
should contain only the following information (one a single line, no word wrap):

Even more security

Before considering configuring your OpenSSH server with more security, please finish this tutorial and make sure you are able to connect using RSA keys and a smartcard/token.

OpenSSH server configuration are stored in the etc/ssh/sshd_config file.

Restricting access to a number of users.
To allow bob and chris users:

Disable root access
Modify the following entry:

Disable clear text login
Modify the following entries:

Be warned you will not be able to log in using clear text password. Therefore, if you loose your smartcard/token, you may need to connect directly to your OpenSSH server and switch back to clear text passwords.

Restart OpenSSH server