Note: This article was originally published in 2018. Some steps, commands, or software versions may have changed. Check the current SSH documentation for the latest information.

Prerequisites

Before you begin, make sure you have:

  • A system running Ubuntu (desktop or server edition)
  • Terminal access with sudo privileges
  • Basic familiarity with Linux command line

You’re probably coming from a previous related post ((</linux/ubuntu/resolved-permission-denied-publickey-when-trying-to-access-via-ssh-an-ubuntu-server/>)), but if not, you should take a look at it so you can get an idea of why you might want to store your ssh public key outside your home directory. I am no security expert so maybe this is not a great practice on shared server but in my scenario, all are trusted users so storing the ssh public keys of the users elsewhere was an acceptable choice.

How to store your ssh public key in a different directory

The key here is in the configuration file located at /etc/ssh/sshd_config. We are going to be looking for the following setting: RSAAuthentication yes PubkeyAuthentication yes #AuthorizedKeysFile %h/.ssh/authorized_keys That last line is the key here. Right now, it is commented out, but you can see the default behavior of the program: %h means the home folder, so it will basically store in the home folder of each user the authorized_keys for said user. In my case, the home folder was encrypted so I kept getting a ”(</linux/ubuntu/resolved-permission-denied-publickey-when-trying-to-access-via-ssh-an-ubuntu-server/>)” error when trying to connect via SSH to my server as the SSH service could not decrypt my home folder and validate my public key(s). Solution? I moved it to another location, take this one for example: /etc/ssh/authorized_keys/%u. what that does is store in the /etc/ folder which is readable by the service the authorized keys of every user under a file with their username. So, this is how the line would look: AuthorizedKeysFile /etc/ssh/authorized_keys/%u so, as each user needs to be able to write to the folder to store their keys, you need to make it writable by them or you need to manually create the files and set their respective owners. If you have many users option one makes most sense, but if you only have a handful then just manually set the file and permissions to be safer. Go ahead and restart the service and you’ll see things work again as they should. Hope you find this helpful!

Summary

You’ve successfully learned store your ssh public key in a different directory. If you run into any issues, double-check the prerequisites and ensure your SSH environment is properly configured.