Solved Does FreeBSD (or ssh clients) push keys without being told to?

[puppydog]

My server was previously running RHEL, with password logins disabled and pki authentication required. I replaced it with FreeBSD 11.0 on Monday, and today I was going to go ahead and take care of setting that up with the new OS.

I had previously logged in with a password under the default settings, and I was going to just reuse the same keys from RHEL, but when I ran ssh-copy-id on my Fedora laptop, I was surprised to see that it told me that the keys were already present on the remote system. I tested this out and sure enough, I'm able to log in just with pki.

So what happened here? How did my keys get pushed from my Linux laptop to my FreeBSD server without my telling it to do so? Is this just something that the SSH client did on its own?

 

[SirDice]

Is this just something that the SSH client did on its own?

Definitely not.

One possibility I could think of is that your home directory is on NFS. The system may have changed but your home directory is stored somewhere else and mounted when you logged in. But you would have known this when you set up the system. So, I have no idea how those keys got there if you didn't put them there.

 

[xtaz]

Some SSH clients have the ability to automatically set up keys. I think Bitvise does this as one example. I've never used it myself but I assume that when you log in with a password it then creates the keys if there are any configured within it.

 

[tingo]

Perhaps your Fedora laptop is running ssh-agent(1)?

 

[kpa]

Perhaps your Fedora laptop is running ssh-agent(1)?

This is the most likely explanation, automatic pushing of the public keys and setting them as authorized keys would be very very dangerous if you connect to a malicious SSH server by accident.

 

[puppydog]

I don't appear to have that service running, but reading what it does that does sound like it might be the case. Thanks