3

我正在运行 Mac OS X Leopard Server,我创建了一个新用户,但没有为该用户指定主目录。是否可以让该用户使用公钥进行身份验证?

我知道当用户确实有一个主目录时,它会进入~/.ssh/authorized_keys

我不想为这个用户创建一个主目录,因为我的理解是,如果给予物理访问权限,它将允许他们登录。

更新:我只需要允许该用户进行安全 FTP 连接。将 Login Shell 设置为/bin/false/也将阻止它们进行远程连接。

4

1 回答 1

10

您必须编辑/etc/ssh/sshd_config或它在您的机器上的位置并更改AuthorizedKeysFile设置。

文档说:

 AuthorizedKeysFile
         Specifies the file that contains the public keys that can be used
         for user authentication.  AuthorizedKeysFile may contain tokens of
         the form %T which are substituted during connection setup.  The fol-
         lowing tokens are defined: %% is replaced by a literal '%', %h is
         replaced by the home directory of the user being authenticated, and
         %u is replaced by the username of that user.  After expansion,
         AuthorizedKeysFile is taken to be an absolute path or one relative
         to the user's home directory.  The default is
         ``.ssh/authorized_keys''.

但是为什么你有没有家的用户(可以登录)?

于 2009-03-19T18:32:46.443 回答