Experimenting with ZFS and such, I found that password authentication is always allowed with sshing to a user in a ZFS pool.
From SSH and following the steps in the handbook under Ch. 20, ZFS, I create the pool, create the storage volume, change the mountpoint of the volume to /home/ and create the user's directory and give permissions.
Exit and SSH back into freebsd@...
All volumes are mounted correctly. User freebsd's home directory is now /storage/home/freebsd.
I then import my key from the client machine, confirm it is in my -- now empty -- home directory, and then disable PasswordAuthentication in /etc/ssh/sshd_config on the test FreeBSD box, and logout of the session.
When I SSH back into freebsd, I am still prompted to type in the password, rather than being authenticated by the key.
Is this normal, or did I miss something during setup? I have been tinkering with it for over a day, and Internet search has found no result. It is as though when a user is in a ZFS pool, all directories outside of it are ignored. Since this is only a test box, I suppose I can try mounting all of / to the ZFS pool and report back. I just think this is odd the SSH rules are being ignored once a user is moved to ZFS.
FreeBSD version 13.0.
Raspberry Pi 4.
From SSH and following the steps in the handbook under Ch. 20, ZFS, I create the pool, create the storage volume, change the mountpoint of the volume to /home/ and create the user's directory and give permissions.
Code:
# zpool create storage raidz da0 da1 da2 da3
# zfs create -o (encryption options) storage/home
# zfs set mountpoint=/home storage/home
# zfs create storage/home/freebsd
# chgrp freebsd /home/freebsd
# chmod g+rwsx /home/freebsdExit and SSH back into freebsd@...
All volumes are mounted correctly. User freebsd's home directory is now /storage/home/freebsd.
I then import my key from the client machine, confirm it is in my -- now empty -- home directory, and then disable PasswordAuthentication in /etc/ssh/sshd_config on the test FreeBSD box, and logout of the session.
When I SSH back into freebsd, I am still prompted to type in the password, rather than being authenticated by the key.
Is this normal, or did I miss something during setup? I have been tinkering with it for over a day, and Internet search has found no result. It is as though when a user is in a ZFS pool, all directories outside of it are ignored. Since this is only a test box, I suppose I can try mounting all of / to the ZFS pool and report back. I just think this is odd the SSH rules are being ignored once a user is moved to ZFS.
FreeBSD version 13.0.
Raspberry Pi 4.
