SSH key authentication in TrueNAS 12 - Home directory permissions!

Palladio

Palladio

Cadet
Joined
Feb 9, 2014
Messages
9
Hello everyone,

I want to set up password-less authentication from my Debian 10 client computer, to my TrueNAS-12.0-U1.1 server. I understand that TrueNAS requires setup via the WebGUI, not by adding the client's public key to the authorized_keys file on the server.

To set this up, do I simply copy the text from the client's id_rsa.pub key to the user on the server (both named "user" here)? Or, do I do this, then copy into the SSH Keypair and SSH Connection under System as well?

Thank you in advance.
 
Palladio

Palladio

Cadet
Joined
Feb 9, 2014
Messages
9
SOLVED, it was really basic once I figured out where to look.

I got a daily email from my TrueNAS box stating "bad ownership or modes for directory /home/user/.ssh. "

It was incorrect permissions on my home share! From https://www.daveperrett.com/articles/2010/09/14/ssh-authentication-refused/:

"SSH doesn’t like it if your home or ~/.ssh directories have group write permissions. Your home directory should be writable only by you, ~/.ssh should be 700, and authorized_keys should be 600 :

1
2
3
> chmod g-w /home/your_user
> chmod 700 /home/your_user/.ssh
> chmod 600 /home/your_user/.ssh/authorized_keys

Once I fixed the permissions on my home share, I re-uploaded my public key via the browser under Users/user, and logged in password-less from my Debian client. FYI for anyone else who has this issue.
 
Moogle Stiltzkin

Moogle Stiltzkin

Dabbler
Joined
May 13, 2021
Messages
22
Palladio said:
SOLVED, it was really basic once I figured out where to look.

I got a daily email from my TrueNAS box stating "bad ownership or modes for directory /home/user/.ssh. "

It was incorrect permissions on my home share! From https://www.daveperrett.com/articles/2010/09/14/ssh-authentication-refused/:

"SSH doesn’t like it if your home or ~/.ssh directories have group write permissions. Your home directory should be writable only by you, ~/.ssh should be 700, and authorized_keys should be 600 :

1
2
3		> chmod g-w /home/your_user
> chmod 700 /home/your_user/.ssh
> chmod 600 /home/your_user/.ssh/authorized_keys

Once I fixed the permissions on my home share, I re-uploaded my public key via the browser under Users/user, and logged in password-less from my Debian client. FYI for anyone else who has this issue.
Click to expand...
what is g-w ? what permission right number is that?
 
You must log in or register to reply here.

Important Announcement for the TrueNAS Community.

The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums.

Related topics on forums.truenas.com for thread: "SSH key authentication in TrueNAS 12 - Home directory permissions!"

Similar threads

Arman
SSH into FreeNAS With Key Pairs
Replies
0
Views
1K
Arman
Arman
K
SSH key auth failure for non root user
Replies
5
Views
1K
Arwen
Arwen
M
TrueNAS SSH connection - "no hostkey alg"
Replies
0
Views
1K
MarkMark
M
B
SOLVED Getting shell SSH to use key
Replies
7
Views
1K
badincite
B
J
SSH setup for rsync PULL over SSH.
Replies
1
Views
3K
JFarmer
J
Top