All Questions
44
questions
0
votes
1
answer
885
views
What is the host key (the one from ssh connection) and how is it different from public-private key pair?
The situation is that I've had a VPS created previously. It was all set up, private-public key authentication, root login turned off, password login turned off. Everything was set up.
Then this server ...
2
votes
2
answers
422
views
Avoid SSH AgentForwarding of incompatible keys
Good morning,
I have one ed25519-sk key (using a hardware token), which I need only on my personal machine for some high security servers (all Debian). This key type is supported by OpenSSH 8.3+. We ...
0
votes
1
answer
68
views
Cannot add passwordless private key with ssh-add on remote server
I can add a passwordless id_ed25519 file locally using ssh-add -k, but not on my remote server.
Locally:
☁ ~ ssh-add -l
The agent has no identities.
☁ ~ ssh-add -k ~/.ssh/id_ed25519
Identity added:...
4
votes
1
answer
2k
views
SSH agent: `sign_and_send_pubkey: signing failed for ECDSA-SK ... from agent: agent refused operation` except very first time
I have an ecdsa-sk keypair that I generated and added to my github account (tied to a yubikey). If I try any connection using that key, such as git push, I get:
sign_and_send_pubkey: signing failed ...
0
votes
1
answer
477
views
How to specify identity when using SSH agent?
I've got a slightly unusual use-case...
I'm using SSH via certificates, (where the authentication mechanism isn't just a signature from a private key, but also presentation of a signed cert).
I have ...
2
votes
1
answer
222
views
How can I use different ssh keys for user1@host and user2@host, without resorting to aliased hostnames?
I have a remote CentOS server, lets pretend it's called hostname.com
hostname.com has several user accounts, and I want to ssh into this server as any one of these users (using ssh keys rather than ...
2
votes
1
answer
4k
views
Reconnect automatically to a disconnected ssh session [closed]
I am new to this community ,
I am working on my iot project in which my microcontroller is working as a server, taking data and executing request. My client is end device (mobile,tablet) and I am ...
12
votes
3
answers
5k
views
How to prioritize explicit ssh key from commandline over ssh-agent keys?
I have a bunch of ssh keys loaded semi-permanently into ssh-agent. ssh-add -L lists 6 keys.
I also have other keys which are stored separately; let's say, on a USB stick. I exactly don't want to keep ...
0
votes
1
answer
2k
views
How to connect GCP, VM machine with WinSCP
I created Virtual machine (VM) instance in the GCP but unable to connect with WinSCP from the windows machine.
I created on VM instance in the GCP then generated pub key by using command ssh-keygen ...
0
votes
1
answer
782
views
Using Password-Protected SSH Keys for Unattended Scripts on Remote Server
From PC1, I SSH into SERVER1 where I have a bash script, that will SSH & auth to SERVER2 using an SSH-key that's password-protected.
Everything works fine when I manually execute my script, using ...
3
votes
1
answer
1k
views
SSH ignores key in agent and keeps asking for key decryption password
In my ssh_config, I have configured SSH to use a specific key when connecting to a host. I want SSH to try only this key, not any other key it may find (in ssh agent or some other location), so I ...
1
vote
3
answers
1k
views
Does SSHFS support ssh-agent forwarding?
I'd like to be able to mount my backup server on-demand by using my keys on my client terminal only as I don't leave my SSH keys on servers I manage.
Does SSHFS support ssh-gent forwarding and how?
...
0
votes
3
answers
3k
views
Allowing SSH To use ssh-agent in bash script
I am working on recon for a set of systems my company is taking over and they use a different authentication method than we do. Specifically we use AD auth and a jump server to access systems where ...
0
votes
1
answer
3k
views
How to use socket file to access server if SSH Agent forwarding is enabled
I have bastion host. I connect to the bastion host using username/password. And I have private key for destination Server. Flow:
Local Machine -> Bastion -> Destination
I know that It's ...
2
votes
2
answers
885
views
Securely sharing SSH access in a team with SSH bastion
I need to share SSH access to a number of servers with my teammates and looking for a secure way to do it. I came up with a configuration involving a SSH bastion server, but not sure how (and if) it ...
4
votes
1
answer
1k
views
force ssh to use agent, without fallback to directly accessing the IdentityFile
Company policy requires some ssh keys to be stored securely, e.g. on dedicated USB device. Using keys not stored on the host machine works flawlessly using gnupg with enable-ssh-support, even when ...
-2
votes
1
answer
1k
views
ssh force user to user ssh-add
I am trying to understand how this functionality works. I have digital ocean account. I have given digital ocean an ssh public key to associate with any server that I spin up. Once I've created a ...
0
votes
2
answers
1k
views
Using virt-manager with seahorse instead of ssh-askpass?
On my Arch Linux virt-manager can not connect remote ssh and tells about installing ssh-askpass. As I wan't to use the gnome default seahorse, I was looking for a solution which I didn't find on the ...
2
votes
2
answers
7k
views
How can I check lifetime of SSH keys loaded to agent?
I'm using OpenSSH on Linux. For securioty reasons, when I load keys to agent, I use -t option, to limit time of availability of the keys (generally for 10 hours or so).
Is there any way to list all ...
4
votes
1
answer
4k
views
how ssh-agent process is increasing on every login
i have added the following line in my .bashrc file to start ssh-agent if it is not running.
if [ -z "$SSH_AUTH_SOCK" ];then eval `ssh-agent -s`;ssh-add ~/.ssh/my_private_key;fi
But every time when i ...
4
votes
1
answer
2k
views
What is the maximum number of private keys you can use via SSH Agent (Pageant)
While answering Re-using SSH keys I had a question of my own, is there a limit to the number of ssh keys you can hold in ssh agents? (and/or putty pageant).
(as a test, I loaded 10 keys into my ...
11
votes
1
answer
7k
views
ssh - retrieve public key from ssh-agent
I am searching for a way to extract the public key from the authentication agent.
I want to be able to write the public key out into a file, after i added the key to the ssh-agent (ssh-add ~/.ssh/...
-1
votes
1
answer
2k
views
How to have multi SSH reverse connections using autossh?
I used autossh in my raspberry pi to connect to one of my VPS.
But I have 4 raspberry-pi(s). I used the same script to connect to my remote VPS, so that I can login in every raspberry pi anytime ...
0
votes
1
answer
4k
views
ssh: Could not resolve hostname add: Name or service not known
I created non-sudo user and I can't add ssh key while logined with it:
% ssh -vvv add ~/.ssh/mykey
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
...
1
vote
1
answer
360
views
ssh-add -l multiple entry for the same private key
192-168-1-103:~ josh$ ssh-add -l
4096 SHA256:4fFdwJ71VIH8rucL9y/3U7jxjctaFcAKmdQZPEqR0Y4
/Users/josh/.ssh/id_rsa (RSA)
4096 SHA256:41kNx5H5yDf1mv6ZNS5W5nSI77WU5qhajLYHvUe6/1A
/Users/josh/...
1
vote
0
answers
825
views
Enabling SSH for deploy of a bitbucket git repo
I'm trying to deploy my git repo to my server. To make this work I first needed to setup ssh on my locale computer and on my server.
for bitbucket I followed https://confluence.atlassian.com/...
0
votes
1
answer
86
views
Is my private key safe if I use authenticaiton agent forwarding with the ssh -A option?
I love the option to connect to servers via SSH with the -A option, so I can use my private keys on the server.
This lets me update git/svn repositories and connect to other servers without the need ...
0
votes
0
answers
84
views
Enable root password on remote server
I'm playing around with ssh-with-rsa-key authorization instead of password authorization and because I'm not really clever I've locked password authorization for root(passwd -l root) on remote server.
...
11
votes
3
answers
36k
views
SSH key problems: Not a RSA1 key file unknown key type '-----BEGIN'
A backuppc server is able to sign into remote machines as root and backup them up, but if I sign in as the backuppc user and try to ssh into these machines using the same key, the key is rejected with ...
4
votes
2
answers
2k
views
SSH authentication between my VPS and Bitbucket fail
I'm trying to setup SSH authentication between my VPS and Bitbucket for configure later automatic deployment via Capistrano (for web projects) and Capifony (for Symfony2 projects) so I follow this ...
4
votes
2
answers
20k
views
SSH key and ip address
A co-worker keeps mentioning SSH keys being associates with an IP address but Im not sure what it exactly means. So i tried generating a SSH key and it had my host name at the end of the file. This ...
16
votes
1
answer
18k
views
SSH ForwardAgent multiple hops
I've been looking for a solution to the following problem for the past 2 hours with no luck.
Development:
I'm using publickey authentication to connect to my servers. I use ssh-agent forwarding in ...
2
votes
2
answers
2k
views
Reverse ssh-agent forwarding. Using a remote ssh key
I have my github.com private ssh key in an ssh-agent on a key server. From my home computer behind NAT I want to run git pull and use my github ssh key.
The only way I know of doing this is to ssh ...
4
votes
3
answers
12k
views
Forgot the password for an encrypted SSH key that's in my (gnome) SSH agent. How do I extract unencrypted version? [closed]
OK, I have an encrypted ssh private key that provides access to a server. My Ubuntu GNOME desktop has an integrated graphical ssh agent (seahorse v3.2.2). That ssh key is in this ssh agent and it's ...
1
vote
1
answer
569
views
How to get an Ubuntu root account to forward ssh keys as the forwarding machine
UPDATE: the whole thing described below works fine for non-root accounts on the remote machine.
That is, this works:
anderson@client -> nonroot@remote -> anderson'[email protected]
This ...
0
votes
1
answer
106
views
seamless ssh with condition
I am looking for a way of seamless ssh in a way that when user does ssh through shell, it will be disallowed (or normal rules apply) but if a process (non-interactive) tries to ssh with the same user ...
14
votes
5
answers
6k
views
Choose identity from ssh-agent by file name
Problem: I have some 20-30 ssh-agent identities. Most servers refuse authentication with Too many failed authentications, as SSH usually won't let me try 20 different keys to log in.
At the moment, I ...
7
votes
3
answers
3k
views
Allow only specific keys in agent forwarding?
Is it possible to use agent forwarding excluding all keys from being forwarded, except ones specifically stated? Alternatively, are there any ways to specify the order the keys are tried per session?
...
4
votes
1
answer
565
views
ssh agent authorization in a detached screen session
I have an ssh script which use ssh key forwarding on a remote system to do thing in even more remote systems.
I have to run the script in a screen session so that I can detach from it. But the ...
6
votes
1
answer
4k
views
ForwardAgent in Jenkins
I'm trying to enable ForwardAgent in the "Publish over SSH" Jenkins Plugin. This would allow jenkins to execute deployments, rsyncs and svn+ssh checkouts on remote servers. But there's no option for ...
1
vote
1
answer
2k
views
Issues with ssh-add
I am attempting to add an ssh key using ssh-add. Upon running ssh-add ~/.ssh/insertkeynamehere I am prompted with:
Could not open a connection to your authentication agent.
After doing some research ...
0
votes
3
answers
1k
views
ssh-agent forwarding Ubuntu 10.04.03 LTS
What started as an annoying issue a few weeks back, is now driving me
mad!
At home, I have a Ubuntu 10.04.03 box which acts as a fileserver. I
backup things on it via rsync from other boxes, outside ...
0
votes
3
answers
6k
views
passwordless ssh not working
I've tried to setup a password-less ssh b/w A to B and B to A as well.
Generated the public and private key using ssh-keygen -trsa on both the machines.
Used the ssh-copy-id utility to copy the ...
5
votes
5
answers
13k
views
Pass your password to your SSH key via a script
I am writing a script that will allow me to retrieve a file from all of my servers at once. I have SSH keys in place in order to log into my servers. My SSH key however requires a password.
The ...