Questions tagged [ssh-keys]

an authorization mechanism for SSH involving public-key cryptography.

SSH keys are an authorization mechanism for SSH involving public-key cryptography. It consists of

  • A private/public key pair generated by a utility like ssh-keygen.
  • A configured (in /etc/ssh/sshd_config) SSH daemon that allows public key authentication.
  • A configured user account that has the public key copied to ~/.ssh/authorized_keys.
792 questions
2
votes
1 answer

Same SSH login process works for user A but not for user B

I created an SSH public key for my root user. I copied it to /root/.ssh/authorized_keys, and saved. The key is only ssh-rsa key. (It's one row, ssh-rsaSPACEkey, no further spaces or brakes). /.ssh is 700. /.ssh/authrozied_keys is 600. owner and…
user329119
2
votes
1 answer

openssh asks for dsa

Today, when I tried to login from my Linux laptop to a Linux server with SSH, I got the error message: WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! As I did not change the machines keys I did an ssh -v to see what happens. I found that my…
McSvenster
  • 21
  • 2
2
votes
3 answers

ssh-copy-id without password to user `postgres`

I have N hosts where can I do passwordless login via ssh to user root. For those machines I like to add a ssh-pub-key to authorized_keys of user postgres. Goal: I want passwordless login to user postgres, too. AFAIK the tool ssh-copy-id does not…
guettli
  • 3,591
  • 17
  • 72
  • 123
2
votes
1 answer

After restoring GitLab backup, new SSH public keys randomly supersede other users' existing keys

This occurred with a new (not upgraded) installation of GitLab 8.6.4. I installed GitLab and my team evaluated it. Of course I and others entered our SSH public keys. As part of our evaluation I made a GitLab backup and restored it. After I restored…
John McGehee
  • 225
  • 3
  • 10
2
votes
1 answer

OpenSSH adds %2 to known_hosts

When I connect to a CentOS 7 host with IPv6 my ssh client always adds %2 to known_hosts even though the host key for this host (with the host's IPv6 address) is already present in known_hosts. What does the %2 stand for? I'm using…
Felix Schwarz
  • 213
  • 3
  • 12
2
votes
1 answer

AWS EC2 Server Refused Connection - Unmounted replaced authorized_keys - still cannot connect

So we were working on configurations for a soon to be production server. After making some configuration changes, we rebooted the machine and we got the dreaded "server refused connection" message. I tried creating an AMI and re-launching to try and…
2
votes
2 answers

Cannot clone private repositroy from the docker container

The problem I'm trying to clone private repo from gitlab (self-hosted) during the gitlab build. I'm using ssh private key without passphrase, but got an error key_load_private_type: incorrect passphrase supplied to decrypt private key Files and…
Jekis
  • 181
  • 10
2
votes
0 answers

EC2 SSH Login Temporarily Hangs on "Entering Interactive Session"

I've been researching this for hours now, can't figure out why this is happening. Originally marked it as internet but checked my speeds (37 down, 10 up). I went from California to Oregon, and since then my Amazon EC2 started hanging for several…
Quinn Finney
  • 121
  • 2
2
votes
1 answer

Are default parameters to 'openssl genpkey' sufficiently secure?

I know very little about openssl so I'm wondering whether the default parameters to openssl genpkey are sufficiently secure. If I run openssl genpkey -algorithm rsa I get a private key. But is it fine to use like that? I don't even know whether rsa…
user779159
  • 395
  • 1
  • 5
  • 10
2
votes
3 answers

is it safe to exchange a systems server ssh-keys?

Instead of exchanging ftp/sftp credentials over email is it safer to to exchange a systems ssh-keys over email? If a person didnt have the physical ssh private file, would a hacker be able to gain access to the server by just knowing the public…
Exploit
  • 165
  • 1
  • 5
2
votes
1 answer

How to make ssh send a certificate for a key stored on a smartcard

I have a gpg key I use through a smartcard (yubikey neo) to ssh to many hosts. Some of these hosts use certificates as well as keys to authorize logins. For normal keys that are stored locally there are three files…
Arthur Ulfeldt
  • 3,249
  • 9
  • 33
  • 40
2
votes
2 answers

Restrict access to .ssh folder over network shares

I run a small server running Ubuntu Server 14.04 and have just noticed that the .ssh folder in the users home directory is accessible via SMB and NFS. The SMB and NFS are both secured, however I feel this is a weak spot in the server security as I…
Craig Lowe
  • 21
  • 2
2
votes
2 answers

How to configure SSH host keys in cloudformation template?

I'm trying to configure an EC2 with known SSH host keys on boot using cloud-init in a cloudformation template. But now I can't SSH into the server. It's tricky to debug :-) Here's the userdata part of my EC2 fragment from my template: "UserData"…
Dave
  • 21
  • 1
  • 3
2
votes
1 answer

SSH key authentication not working

I've a server running Ubuntu 10.04 (as a VM) to which I can't connect using ssh key authentication without being asked for the password. I've read a lot before posting but I really don't know what I'm missing. My .ssh folder in the server has 700…
gd_silva
  • 123
  • 3
2
votes
1 answer

SSH with DSA 2048 bits key

I need to set up secure connection through ssh keys, prerequisites are : DSA type number of bits : 2048 Passphrase : yes On my Linux I can't create this kind of key, the man says : DSA keys must be exactly 1024 bits as specified by FIPS…
tonio94
  • 145
  • 3
  • 8