Is ssh public key associated with a user?

The short answer is no.

Sample scenario: you (Bob) want to connect to remote host (earth) as alice.

SSH is a connection from someplace (a Unix, Windows, tablet, ...) to a user (alice) on a host (earth).

When you (bob) connect without password, you use a private key (on Unix it is traditionally located in ~/.ssh, but you can put it anywhere).

The remote host just have two facts:

  • you want to connect as alice,
  • you claim to have a private key (of which you provided the fingerprint)

The remote host (earth), having public part of the key, issues a challenge that anyone having private part can answer. Once challenge is done, you simply connect.

In this scenario, you proved you have private part of one of alice's authorized keys. But the remote host (earth) has no way to know you are Bob, or Igor or anyone else.

Remember you can connect from Windows or an Android device where user's scheme is completely different.

authorized_keys

This file lists public keys that can connect (after challenge).

This file is located either in

  • ${HOME}/.ssh/authorized_keys (default)
  • any location given by AuthorizedKeysFile in sshd_config file. See man sshd_config.

I don't fully understand your question, but the way a SSH key is mapped to user johndoe (and authorizes him to log in passwordlessly to the remote server) is that the public key part is included in the file

~johndoe/.ssh/authorized_keys  

on the remote server.

If now you have the private key part on your ~/.ssh/ directory (that'll be the file ~/.ssh/id_rsa), you can login passwordlessly on the remote server via the command:

ssh johndoe@remoteserver

regardless of your username on the local machine.

Tags:

Ssh