[erlang-questions] ssh: only one key in authorized_keys? (Arndt Jonasson)

Ingela Anderton Andin ingela@REDACTED
Mon Mar 31 10:40:26 CEST 2008


> When using OTP's sshd implementation, only the first key in the
> "authorized_keys" file seems to be looked at. The function
> ssh_file:lookup_user_key_fd looks like this:
> lookup_user_key_fd(Fd, Alg) ->
>    case io:get_line(Fd, '') of
>	eof ->
>	    {error, not_found};
>	Line ->
>	    case string:tokens(Line, " ") of
>		[Alg, KeyData, _] ->
>		    decode_public_key_v2(ssh_bits:b64_decode(KeyData), Alg);
>		_Other ->
>		    ?dbg(false, "key_fd Other: ~w ~w\n", [Alg, _Other]),
>		    lookup_user_key_fd(Fd, Alg)
>	    end
>    end.
> i.e., when it finds one line containing three space-separated fields,
> that must be the key.
> Doesn't this render the use of SSH much less useful, or am I missing
> something?

Well this seems strange. I can not tell you the reason for the implementation being
as it is as the ssh application is based on two user contributions, but I have created
a ticket to look in to this. Actually we are currently doing some refactoring of the ssh
application so that it will become a real OTP-application with a supervision tree an all. 

Regards Ingela - OTP team

More information about the erlang-questions mailing list