Before a UNIX user can use certificate authentication to log in to an SSH server, he must generate a private key with the ssh-keygen command. This module can be configured to work with the Users and Groups module to run this command for all newly created users. If your network uses NFS-mounted home directories, this will allow new users to log in to other hosts without needing to supply a password, with no further setup needed.
To configure the setup of SSH for new users, follow these steps:
1. | On the module's main page, click on the User SSH Key Setup icon. |
2. | Check the Setup SSH key for new UNIX users checkbox, so that ssh-keygen will be run for new accounts. |
3. | To have the new user's public key added to the list of keys that are authorized to use his account, check the Copy new identify.pub to authorized_keys box. If it is not selected, they will need to do this manually before authentication with their new certificate will be accepted. |
4. | To set a passphrase for new users' private keys, check the Use password as key passphrase box. If it is left unchecked, no passphrase will be set (which is more user-friendly, but less secure). |
5. |
18.117.138.104