Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ssh-keys]

an authorization mechanism for SSH involving public-key cryptography.

SSH keys are an authorization mechanism for SSH involving public-key cryptography. It consists of

  • A private/public key pair generated by a utility like ssh-keygen.
  • A configured (in /etc/ssh/sshd_config) SSH daemon that allows public key authentication.
  • A configured user account that has the public key copied to ~/.ssh/authorized_keys.
792 questions
7
votes
3 answers

authorized_keys Environment Variables Not Setting Environment Variables

I have created the file ~/.ssh/environment in there I put: LEVEL=0 When I run a script over ssh to get the environment variable level it returns 0 like it should. In the authorized_keys file I have several keys and am trying to change the value on…
Buddy Lindsey
  • 269
  • 3
  • 9
6
votes
2 answers

How to make in SSH private key from one line, three lines

i have ssh-key, something like this -----BEGIN RSA PRIVATE KEY----- my_super_secret_password -----END RSA PRIVATE KEY----- Of course this key does not work. When i am doing manual things, something, like this -----BEGIN RSA PRIVATE KEY-----…
Piduna
  • 541
  • 4
  • 12
  • 25
6
votes
2 answers

Restricting a ssh key to only allow rsync/file transfer?

I have 2 servers (A & B), and I need to rsync files from A to B as root. Allowing root ssh login is possible (PermitRootLogin without-password), but I'd like to lock it down as much as possible. I'm using ssh keys, and (on B) the root ssh key (in…
Amandasaurus
  • 31,471
  • 65
  • 192
  • 253
6
votes
1 answer

SSH authentication sequence and key files : explain

As a background to troubleshooting various problems using SSH and rsync with key pairs, I wanted a straightforward overview of the sequence of events that takes place during SSH authentication, and how each of the several client and host files plays…
gwideman
  • 281
  • 2
  • 8
6
votes
4 answers

How do you securely retrieve the ssh host keys from a google compute engine instance?

I want to update my ~/.ssh/known_hosts with the host key information for a newly created GCE instance. But I'm not sure how to securely retrieve that information. I thought something like gcloud compute ssh @ --command='ssh-keyscan…
jhfrontz
  • 293
  • 3
  • 13
6
votes
2 answers

ECDSA key fingerprint - looks like it is base64 encoded, but too few characters

I've setup a GitLab VM, and have created a project on it. Now I'm trying to connect to it from another machine using my git client (Git for Windows v2.7.1...also tried upgrading to latest version which is 2.15.1, but no change). On the Windows…
Anssssss
  • 163
  • 1
  • 6
6
votes
2 answers

"Permission denied (publickey)" with "key_load_public: No such file or directory" upon SSH attempt

I keep receiving the following error upon running ssh -v -i privatekey user@server.org. OpenSSH_6.9p1, LibreSSL 2.1.8 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 21: Applying options for * debug1:…
turnt
  • 169
  • 1
  • 1
  • 3
6
votes
1 answer

OpenSSH client keeps sending RSA key instead of ECDSA

Client is Ubuntu 16.04 with keychain, server is FreeBSD 10.3. There is only one key in ~/.ssh/authorized_keys on the server (this key is ECDSA p521 and not RSA), and the client has both private and public key inside ~/.ssh. The problem is the client…
Manuth Chek
  • 402
  • 2
  • 6
  • 16
6
votes
3 answers

Why ssh-copy-id requires private key file

The ssh-copy-id was very useful for sending public keys to server. But it fail if you haven't private key file, now. $ ssh-copy-id -i my_friend_rsa.pub root@example.com /usr/bin/ssh-copy-id: ERROR: failed to open ID file 'my_friend_rsa': No such…
dev.brutus
  • 211
  • 3
  • 7
6
votes
1 answer

What is the good practice for adding known keys/fingerprints to known_hosts

There are plenty of answers to questions similar to this one but I can't seem to find one with a clear answer. They all either grab the public key at least once, ignore the key altogether, or write directly to the known_hosts file (implies no…
D.Mill
  • 379
  • 5
  • 15
6
votes
2 answers

Forced to change expired password when using ssh key

I am working in an environment where I have an account on multiple linux machines where accounts and passwords are managed independently (no active directory/LDAP/etc) and passwords expire every 30 days. As such, I thought it would be easier to…
GregH
  • 291
  • 1
  • 2
  • 15
6
votes
1 answer

Add two or more SSH keys to a user, in puppet

I need a solution to be able to add more than one SSH ´key´ to one user. class user { user { 'k': ensure => present, comment => 'bogo user', home => '/home/k', managehome => true } ssh_authorized_key { 'k_ssh': user => 'k', …
nicoX
  • 611
  • 9
  • 18
6
votes
2 answers

Rsync + public key authentication security

I have read several articles how to automatically backup files with Rsync and public key authentication. All of them are very similar. I just finished setting up everything and everything works fine but... I just found an article which says it's not…
tfegc
  • 221
  • 1
  • 5
  • 10
6
votes
2 answers

Specifying multiple SSH signed certificates for one Identity file

I am looking to implement signed certificates for SSH authentication. I have followed the steps here and am now trying to figure out how I am going to implement it on my systems. As an example, we have two environments: Production and Testing; each…
user234008
6
votes
1 answer

How to programatically find default ssh key?

In most of my experience, by default, ssh will look in ~/.ssh/id_rsa(.pub) for the default key pair. Ocassionally I try to write scripts to take advantage of this default key location, but I end up hardcoding it (eg.…
Drew
  • 263
  • 3
  • 11
1 2 3
52 53