1

The public component of SSH keys theoretically don't need to be kept private. It was therefore to my surprise that I was unable to read the public key of another user on the system:

andreas:~$ cat /home/bob/.ssh/id_rsa.pub
cat: /home/bob/.ssh/id_rsa.pub: Permission denied

The permissions of the key file allow me to read the id_rsa.pub file (644), the problem is the .ssh directory has the permission 700.

Is there any system in place for listing the public keys of other users on the system without having to be root or logging in as each user individually?

IQAndreas
  • 10,345
  • There is ssh-keyscan for host keys. I wasn't sure if there was something vaguely similar for user keys. – IQAndreas Dec 29 '15 at 02:35

1 Answers1

1

Normally you get a copy of the public key for someone because they publish it (whether by sending it to you directly or putting it in some more generally accessible place).

The original copy of the public key is normally in ~/.ssh due to the convention of storing the private key directly there as the public/private key pair is created. Aside from convenience, there is no reason that someone has to keep their public key there, since they will be using the private key to furnish their credentials.

Thomas Dickey
  • 76,765