Erlang, SSH and authorized_keys

Posted by Roberto Aloi on Stack Overflow See other posts from Stack Overflow or by Roberto Aloi
Published on 2010-03-10T12:41:40Z Indexed on 2010/03/15 1:59 UTC
Read the original article Hit count: 392

Filed under:
|
|

Playing with the ssh and public_key application in Erlang, I've discovered a nice feature.

I was trying to connect to my running Erlang SSH daemon by using a rsa key, but the authentication was failing and I was prompted for a password.

After some debugging and tracing (and a couple of coffees), I've realized that, for some weird reason, a non valid key for my user was there. The authorized_keys file contained two keys. The wrong one was at some point in the file, while the correct one was appended at the end of the file.

Now, the Erlang SSH application, when diffing the provided key with the ones contained in the authorized_keys, it was finding the first entry (completely ignoring the second on - the correct one). Then, it was switching to different authentication mechanism (at first it was trying dsa instead of rsa and then it was prompting for a password).

The question is: Is this behavior intended or should the SSH server check for multiple entries for the same user in the *authorized_keys* file? Is this a generic SSH behaviour or it's just specific to the Erlang implementation?

© Stack Overflow or respective owner

Related posts about erlang

Related posts about ssh