All Questions
608
questions
0
votes
0
answers
16
views
Custom Linux AMI: How does AWS know where to install account SSH .PEM files when an AMI is provisioned?
We are building a custom AMI from a template EC2 EBS instance snapshot (Oracle Linux 8). This page shows there are many different user names depending on the AMI you choose:
https://docs.aws.amazon....
- 151
1
vote
1
answer
64
views
Remote Linux server GitHub permission denied publickey issues
I am experiencing publickey permission issues when trying to pull a private repo from GitHub to a remote Linux server.
Update
Ran ssh -v -o IdentitiesOnly=yes -i ~/.ssh/id_rsa [email protected] command ...
github
- 141
0
votes
0
answers
32
views
How safely obtain and check host public key for `known_hosts`?
For a newly deployed instance I get the following message for the first time SSH connection:
The authenticity of host '[hostname] ([IP address])' can't be established.
RSA key fingerprint is [key ...
- 216
0
votes
1
answer
68
views
How to prevent OpenSSH from creating a new known_hosts file every time it updates it?
It seems that every time I accept a new host key, ssh (I've tested 8.6p1 and 9.3p2) does the following steps:
Move the known_hosts file to known_hosts.old;
Create a new known_hosts file;
Copy the ...
- 103
0
votes
2
answers
141
views
How to remove all lines with the same public key from known_hosts?
Let's imagine the following scenario.
I have an host key ABCDEF1234 for a given hostname, so my known_hosts file looks like this (unhashed version):
example.com ssh-rsa ABCDEF1234
Now I connect to it,...
- 222
-2
votes
2
answers
58
views
the theory of SSH public and Private key and its application in realworld machines [closed]
there.
In this question, I have a very specific one about public and private keys. So Public keys should be put on the opposite side. For example, if we have a server, the public key of the server ...
- 3
0
votes
1
answer
46
views
SSH tries other keys despite specifying a key with -i option
For the same user, I have two keys on the local machine. On the remote server, both keys are in the authorized_keys file.
I delete one of the keys in the authorized_keys file.
I then try to ssh with ...
- 365
0
votes
0
answers
64
views
SSH CA-signed key does not work from certain hosts
I've tried to setup CA signed ssh user keys.
I got my configuration working on most clients, there seems to be problem on a few specific ones.
The key verification fails and they are prompted for ...
0
votes
0
answers
11
views
GCP VM instance not showing LESS keys as GCP editing instance metadata?
authorized_keys is missing AFTER I add my ssh key to an instance in GCP so then I connect via browser and authorized_keys is generated with 1. 'TWO keys'. I then click edit on instance and I see 2. '...
- 911
0
votes
2
answers
148
views
How does SSH host verification for github.com provide any value?
Running git clone [email protected]/repo.git warns me of a potential man-in-the-middle attack when GitHub change their SSH key, and that's cool. I then get the new key by running ssh-keyscan -t rsa ...
- 101
0
votes
0
answers
120
views
Linux server ssh connection wont authenticate my account using ssh key gen and prompts me for password
I am facing an issue in Ubuntu 22.04.2. where I am unable to SSH into a remote server using a copied public key. I have generated an SSH key pair on my local machine using a bash terminal, and I have ...
0
votes
1
answer
885
views
What is the host key (the one from ssh connection) and how is it different from public-private key pair?
The situation is that I've had a VPS created previously. It was all set up, private-public key authentication, root login turned off, password login turned off. Everything was set up.
Then this server ...
- 145
3
votes
0
answers
7k
views
What is the meaning of this line from ssh output: 'Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling'?
Everything works, ssh connects using private-public ssh key pair.
Just few things in ssh -v Ora2 output isn't clear for me.
This is complete ssh -v Ora2 output:
PS C:\Users\roeslermichal> ssh -v ...
- 145
0
votes
1
answer
450
views
Permission denied (publickey) error when managing GCP machine via Ansible (running on GCP VM) despite successful SSH connection
I deployed two machines to GCP via Terraform. Let's call them control-host and target-host. I want to manage the target-host via Ansible installed on the control-host.
Unfortunately, I keep getting ...
google-cloud-platform
2
votes
2
answers
1k
views
Why I can not ssh to my Vagrant host? [email protected]: Permission denied (publickey)
I created 5 VMs for my project
vagrant status
Current machine states:
master-1 running (virtualbox)
master-2 running (virtualbox)
master-3 running (...
- 333
0
votes
1
answer
34
views
SSH key for 2 client users to 1 server user
If this is a duplicate, I'm sorry.
I have searched my case but I couldn't find the right scenario that resembles my situation, although I thought that this situation must have come up before for ...
- 15
1
vote
1
answer
270
views
Validate all public keys in authorized_file
In my authorized_file i have multiple public keys against one private key. Now i want to add a task in ansible which will validate that all public keys are valid keys and good for connection. My aim ...
- 11
0
votes
1
answer
258
views
sshd not providing ecdsa/ed25519 host key algos
we have setup'd a bastion that only responds with the ssh-rsa host key algorithm when querying:
ssh-keyscan bastion.ops.dev.xxx.com
# bastion.ops.dev.xxx.com:22 SSH-2.0-OpenSSH_7.4
# bastion.ops.dev....
- 133
1
vote
1
answer
889
views
Adding my SSH key to new user with only SSH access through key
I'm quite new to this, and I've looked through questions but haven't found one that quite matches my problem, or rather I didn't sufficiently understand them to be able to solve this issue.
I have a ...
- 113
0
votes
0
answers
588
views
ssh illegal option while trying to connect to remote server
trying to ssh from my macbook pro, to a remote server,
ssh ayan@ServerIPAddress
gives the following error
ssh: illegal option -- ?
usage: ssh [-46AaCfGgKkMNnqsTtVvXxYy] [-B bind_interface]
...
- 101
0
votes
1
answer
228
views
Needs a clarification for the ssh-copy-id command
Say I have two computers connected to the same Wifi network. Let's call them computer-A & computer-B.
I am using computer-A, I can ping computer-B without issues.
Now, on computer-A, I have ...
- 101
2
votes
0
answers
64
views
User account auto-creation using SSH certificate authentication
My SSH server is configured to use certificate authentication, so it will trust anyone who presents a certificate issued by the user CA when they connect.
For reasons related with audit logs, I don't ...
- 21
0
votes
1
answer
43
views
Install SSH key in an account that has no "usable" shell
A remote SSH server has a guest account with a known, non-blank password, that when logged in directly executes a text-based terminal game (not sure if via command, shell, or another method). The ...
- 1,593
0
votes
0
answers
140
views
Using PasswordAuthentication yes in sshd config but password is not accepted during login
I tried to enable password authentication in CentOS 7 only for one user - auditor, by having this lines in my sshd.config (at the end of file):
PubkeyAuthentication yes
ChallengeResponseAuthentication ...
2
votes
1
answer
227
views
Use OpenSSH to make a key exchange with NTRU Prime
I would like to make a key exchange for a symmetric key from the client to the server with the NTRU Prime algorithm (for test reasons). I already installed OpenSSH 9.1 on both sides and checked ...
- 123
0
votes
0
answers
50
views
how to use systemctl with pem file for remote commands
I am wondering an anyone tell me how to use a pem file with the systemctl command in order to be able to issue a remote command whilst logging in using the pem?
I am running it on Ubuntu 22.04
...
- 1
4
votes
3
answers
3k
views
Why the RHEL8 system do not generate SSH host keys automatically when missing?
On the RHEL 8 and previous it is usual, that the SSH host keys in /etc/ssh are generated automatically by sshd service when missing. Usually there should be:
/etc/ssh/ssh_host_ecdsa_key
/etc/ssh/...
- 1,585
3
votes
1
answer
2k
views
How to ssh-copy-id through a jump-host? Something similar to the -J option with ssh command
I use a jump host to connect to the remote servers through SSH.
I use the following linear command for the connection.
ssh -J jumpuser@jumphost:2455 remoteuser@remotehost
It works fine.
But for new ...
- 53
0
votes
1
answer
68
views
Cannot add passwordless private key with ssh-add on remote server
I can add a passwordless id_ed25519 file locally using ssh-add -k, but not on my remote server.
Locally:
☁ ~ ssh-add -l
The agent has no identities.
☁ ~ ssh-add -k ~/.ssh/id_ed25519
Identity added:...
- 103
1
vote
1
answer
949
views
Why do i need to restrict permissions on a PEM key?
I have a .pem key file that i use to ssh to my ec2 server. I've moved this key file to an encrypted external SSD disk. This has caused the owner of the pem key to be set to 'everyone'.
When i try to ...
- 137
11
votes
2
answers
4k
views
ssh how to allow a very limited user with no home to login with pubkey
I have a very restricted user in my ssh server created with --no-create-home and --shell /bin/false.
I know I can define authorized_keys file in sshd_configs for the user's public key. But how can I ...
- 461
1
vote
0
answers
695
views
Connection closed by remote host when copying client public key to sftp server
I want to copy the client public keys for a container to a remote sftp server and after that attempt do some uploads to the server via bash script(the bash script will be invoked when the container ...
- 133
0
votes
0
answers
51
views
Tentative of shh->rsync to wrong IP; potential security risk?
I have set up a little RPI backup 'server' (with rpi OS) on my LAN. I use it to create a backup of my main personal machine data using rsync, and I reach it from outside my network through SSH (key-...
0
votes
2
answers
422
views
After install last version on ubuntu server 22 i can`t make ssh key connect to remote server
I did all the steps to create the key as I normally do:
ssh-keygen -t ed25519
next
ssh-copy-id -i /home/derbauer/.ssh/id_rsa.pub -p 12122 [email protected]
here everything goes normally
But in the ...
3
votes
3
answers
694
views
Administrative access to a server via SSH key
Is it a good idea to set the SSH key directly for the root user for administrative access to a server?
Or is it better to use another user for SSH access via SSH key, followed by sudo command?
Is the ...
- 370
0
votes
1
answer
2k
views
SSH permission denied
I have problem logging using ssh to company server.
I have my local ~/.ssh/config;
Host target
HostName xx.yy.zzz.aaa
User abcd
IdentityFile ~/.ssh/id_ed25519
IdentitiesOnly=yes
I have other ...
- 41
2
votes
1
answer
2k
views
SSH2 fails authentication with a working key converted with PuttyGen (due to deprecated ssh-rsa?)
I have an EC2 instance authenticated with a key-pair generated by AWS.
With Putty, I can connect to the instance by providing the private key in a PPK file.
When I try to use SSH2 (via one of the ...
- 123
0
votes
1
answer
132
views
How to enable ssh for supporters with intelligent key management?
My situation is the following:
Am having a lot of customers in a VPN network.
Each supporter is having a computer which is also in the VPN.
Each supporter should be able to log in into all systems ...
- 103
1
vote
1
answer
964
views
Permission denied (publickey), but no solution worked
It's one of these issues that get asked and answered so many times here and elsewhere, you can't believe you have to ask it again.
I'll let my configuration speaks for me:
On remote:
# getenforce
...
- 11
0
votes
1
answer
304
views
Which ssh/sshd config item will affect "Offering RSA public key"?
All servers support the ssh public key authentication only in my environment. When I read the ssh debug info, I notice the "Offering RSA public key" is different.
When I ssh server1 from ...
- 113
0
votes
2
answers
5k
views
How to use ssh-copy-id on remote server?
I have an ec2 instance which I can connect using this command with the ssh_key.pem file I have.
ssh -i ssh_key.pem [email protected]
I am trying to use ssh-copy-id to add the public key I have on ...
0
votes
1
answer
644
views
Re-use public key, private key, and authorized_keys across machines
Suppose there are two machines, A and B, both with local user account alice present. Suppose also that ~/.ssh contains the same id_ed25519, id_ed25519.pub, and authorized_keys file on both machines. ...
- 51
1
vote
1
answer
919
views
Cannot ssh into newly created VM (with key used in creation)
So my cloud provider has you cut/paste or drag/drop the id_rsa.pub key when creating the instance. The provisioning process sticks that key in the appropriate place as part of the process.
This works ...
- 11
1
vote
1
answer
540
views
I used ssh-keyscan in production environment. is it possible to revert back?
I used ssh-keyscan in production environment, after got to know it may allows MITM. I check in known_hosts files, fingerprint is not there. where can i check or is there any option?
- 11
0
votes
1
answer
375
views
I used ssh-keyscan to automatically allow fingerprints in production environment. whether it is good
Is there is any options to revert the mentioned action. whether it will cause any security breaches?
- 11
7
votes
3
answers
34k
views
SSH No Matching Host Key Type Found
I have two servers,
S1: My machine, Windows 8, OpenSSH 8.8p1, OpenSSL 1.1.11 2021-08-24,
S2: A Remote Server, Linux, Open SSH 5.3p1, OpenSSL 1.0.1e-fips 2013-02-11.
The message I have trying to ...
- 175
0
votes
1
answer
2k
views
SSH Key Fingerprint Changes
So I copied an SSH private key from my Linux machine to my M1 Mac. (I've attempted to do this both by uploading the cyphertext to a secrets manager as well as directly transfering the file) but when ...
- 151
1
vote
1
answer
699
views
SSH'ing into WIN 10
People of the Server-verse, a humble hello from fellow apprentice.
Above line goes out to show i am a newbie and thus need help with trivial probs, so appreciate all help in advance.
I am facing 2 ...
- 11
-2
votes
1
answer
45
views
Management of password disable server
This question is just for curiosity. I am studying a bit of server administration and have seen many people saying that having passwords is a bad idea and they should be disabled. But my question is: ...
0
votes
1
answer
1k
views
Can multiple keypairs added to an instance in aws?
Regarding to this question here "https://serverfault.com/questions/221760/multiple-public-keys-for-one-user" and many others on getting ssh access using multiple pub keys for one user, can I ...
Related Tags
linux × 110
ubuntu × 48
public-key × 42
ssh-agent × 38
ssh-keygen × 36
amazon-ec2 × 33
ssh-tunnel × 32
centos × 28
authentication × 26
security × 25
amazon-web-services × 24
git × 19
debian × 17
rsa × 16
rsync × 14
putty × 12
private-key × 12
known-hosts × 11
ansible × 10
sftp × 10
password × 9
windows × 8
centos7 × 7
more related tags
Hot Network Questions
- What are the minimum required legal obligations for US citizens?
- Safely update environment variables from another program
- What can I do if I can't pay the fee of Open access Pub. of a published paper?
- Why is there white stuff on these inductors?
- Map with object as key behaves weirdly
- Is this safe to drive on? (Chevrolet Spark 2016)
- Efficiently finding all matches of vector in lookup table, with repeats
- How to create an environment that allows you to bold words before a " : "
- Are there any post-counteroffensive polls in Ukraine on war fatigue?
- Linear algebra: What is the difference between target space of a function and the image of a function?
- What legal system does the European Union use?
- Problem in an inductive proof of Brouwer's fixed point theorem.
- "Set Smooth" and "Subdivide Mesh" geometry nodes nasty interaction
- Is creating a voltage rail loop good or bad practice?
- Why does an optical fibre employ total internal reflection instead of just reflection?
- Subject Pronouns With Infinitives
- Am I entitled to two compensations?
- What is the optimal method for getting every Unown in the Ruins of Alph?
- Best cryptographic algo with asymmetric cost: expensive to sign, cheap to validate
- How to best obfuscate a built-in key in an application?
- How does fallibilism not collapse into skepticism?
- Calculate the Mean of lists of the same length
- The PA Leash law
- What does this 2009 Ukraine map actually depict?