Questions tagged [ssh-keys]
an authorization mechanism for SSH involving public-key cryptography.
797
questions
1
vote
1
answer
964
views
Permission denied (publickey), but no solution worked
It's one of these issues that get asked and answered so many times here and elsewhere, you can't believe you have to ask it again.
I'll let my configuration speaks for me:
On remote:
# getenforce
...
0
votes
1
answer
304
views
Which ssh/sshd config item will affect "Offering RSA public key"?
All servers support the ssh public key authentication only in my environment. When I read the ssh debug info, I notice the "Offering RSA public key" is different.
When I ssh server1 from ...
0
votes
2
answers
5k
views
How to use ssh-copy-id on remote server?
I have an ec2 instance which I can connect using this command with the ssh_key.pem file I have.
ssh -i ssh_key.pem [email protected]
I am trying to use ssh-copy-id to add the public key I have on ...
0
votes
1
answer
644
views
Re-use public key, private key, and authorized_keys across machines
Suppose there are two machines, A and B, both with local user account alice present. Suppose also that ~/.ssh contains the same id_ed25519, id_ed25519.pub, and authorized_keys file on both machines. ...
1
vote
1
answer
919
views
Cannot ssh into newly created VM (with key used in creation)
So my cloud provider has you cut/paste or drag/drop the id_rsa.pub key when creating the instance. The provisioning process sticks that key in the appropriate place as part of the process.
This works ...
1
vote
1
answer
540
views
I used ssh-keyscan in production environment. is it possible to revert back?
I used ssh-keyscan in production environment, after got to know it may allows MITM. I check in known_hosts files, fingerprint is not there. where can i check or is there any option?
0
votes
1
answer
375
views
I used ssh-keyscan to automatically allow fingerprints in production environment. whether it is good
Is there is any options to revert the mentioned action. whether it will cause any security breaches?
0
votes
1
answer
229
views
Increased my VM disk size on Google Cloud Platform and now the SSH log in is asking for a password?
I increased the disk size on my VM instance running on Google Cloud Platform. There was a simple change from 200 GB to 400 GB with no other changes made on the Instance. When I started the instance ...
0
votes
0
answers
189
views
SSH to Windows server, fetching public keys from LDAP
We've got an established process where users connecting to an Ubuntu server via SSH have their public keys retrieved from our LDAP infrastructure and then PAM sets up their home directory, etc.
I need ...
7
votes
3
answers
34k
views
SSH No Matching Host Key Type Found
I have two servers,
S1: My machine, Windows 8, OpenSSH 8.8p1, OpenSSL 1.1.11 2021-08-24,
S2: A Remote Server, Linux, Open SSH 5.3p1, OpenSSL 1.0.1e-fips 2013-02-11.
The message I have trying to ...
0
votes
1
answer
2k
views
SSH Key Fingerprint Changes
So I copied an SSH private key from my Linux machine to my M1 Mac. (I've attempted to do this both by uploading the cyphertext to a secrets manager as well as directly transfering the file) but when ...
1
vote
1
answer
699
views
SSH'ing into WIN 10
People of the Server-verse, a humble hello from fellow apprentice.
Above line goes out to show i am a newbie and thus need help with trivial probs, so appreciate all help in advance.
I am facing 2 ...
-2
votes
1
answer
45
views
Management of password disable server
This question is just for curiosity. I am studying a bit of server administration and have seen many people saying that having passwords is a bad idea and they should be disabled. But my question is: ...
0
votes
1
answer
1k
views
Can multiple keypairs added to an instance in aws?
Regarding to this question here "https://serverfault.com/questions/221760/multiple-public-keys-for-one-user" and many others on getting ssh access using multiple pub keys for one user, can I ...
0
votes
1
answer
58
views
ssh key pairs: user (public+private) AND host (public+private) OR NOT?
How many types of keys do there exist and where is the private key stored?
First of all, keys can be private(=closed=decripting) and public(=open=encrypting). That's ok. That's a key pair.
But further,...
2
votes
1
answer
2k
views
What does warning `client_input_hostkeys: received duplicated ssh-ed25519 host key` mean?
When I use scp to copy some files from a server, I've lately been getting the following warning:
$ scp -rC myserver.com:~/test.log .
client_input_hostkeys: received duplicated ssh-ed25519 host key
I ...
9
votes
1
answer
12k
views
SSH keys: ed25519 vs RSA performance demystified
It is claimed that ed25519 keys are better than RSA, in terms of security and performance. In terms of security, I understand that 4096 bits RSA keys are practically unbreakable for the foreseable ...
1
vote
1
answer
3k
views
SSH connection issue : How to change folder / file permissions in Windows similarly to Linux?
I have hard times connecting my local PC through SSH to another remote PC. I set the public key on both machines in the authorized_keys folder following this tutorial : https://help.ubuntu.com/...
1
vote
0
answers
1k
views
ssh-copy-id does not update authorized_keys file
I can't configure ssh key on my Synology NAS.
File ~/.ssh/authorized_keys is not created or not updated.
On remote machine (NAS):
$ cd
$ chmod 700 .
$ chmod 700 .ssh
$ touch .ssh/authorized_keys
$ ...
4
votes
1
answer
1k
views
How to validate opendkim generated RSA keys
I'm trying to diagnose OpenDKIM validation errors (see this question). Way down in the belly of the beast, I'm at the point where I'm trying to make sure the keys generated are actually correct.
I'm ...
0
votes
3
answers
2k
views
SSH asks for password even after i copied the public key to the remote machines
Hopefully, someone can help me resolve this nightmare.
I did a project on vagrant provisioning 4 ubuntu machines, 1 controller and 3 servers.
Created SSH key on controller and ssh-copy-id command to 3 ...
3
votes
2
answers
2k
views
Setting up sftp on Amazon Linux 2 with ssh keys, user segregation (sftp vs ssh), different ports, and user directory constraints
TDLR: I have a Catch 22 where, depending on permissions on the user's home directory, I can get the SSH authentication to work, or the user directory constraints, but not both.
BTW, I really want to ...
1
vote
1
answer
3k
views
config for using git via ssh on jump host
With a private key that is only available on a laptop (alice), is there a way to use that key for authentication with gitlab from a server (bob). (Minor, I think, complication being a jump host ...
1
vote
1
answer
235
views
Can I set a limit on attempt number of ssh authentication passphrase?
I recently changed to ssh-key from password for security.
But ssh-key can also be compromised when the private key file is somehow stolen.
So I set a passphrase on the private key.
But it seems that I ...
0
votes
3
answers
666
views
How to setup ssh public key for another machine without access?
This might be a stupid question but I have to ask it anyway:
I already did setup an ssh public key for my client machine A. I copied the public key to the remote server, everything works fine, I can ...
0
votes
0
answers
889
views
Disabling certain OpenSSH keys on OpenBSD: why the corresponding 'sshd_config' entries are ignored and why 'ssh-keygen -A' generates forbidden keys?
I am trying to achieve the followings on my OpenBSD 6.9 servers:
Forbidding the use of all keys but the ssh-ed25519 one on both SERVER and CLIENT sides.
Limiting ssh-keygen -A to generate keys only ...
0
votes
1
answer
2k
views
Where to store private SSH keys?
Looking for a "best-practices" kind of answer when it comes to storing private SSH keys.
Scenario:
VMs are deployed to the cloud using Terraform, they use a single public key. Now the ...
0
votes
1
answer
477
views
How to specify identity when using SSH agent?
I've got a slightly unusual use-case...
I'm using SSH via certificates, (where the authentication mechanism isn't just a signature from a private key, but also presentation of a signed cert).
I have ...
0
votes
1
answer
305
views
Taking input on remote vm
below is my use case , I have to take a input from a user for a specific command which need to run on a remote machine.But my problem is I am not able to access that machine directly so what I am ...
0
votes
1
answer
420
views
Azure Ubuntu VM: Where is my public key file stored (used for SSH login)
With Azure linux virtual machines (Ubuntu in particular), when opting for PKI authentication, where does it store the public key on the server? I can't find any .pub files in my ~/.ssh directory. I'...
3
votes
0
answers
3k
views
Using SSH key for install npm module from private repository inside docker
I make container for nodejs project. Inside the project I am using private repository. I need an access to it. For that I am using next Dockerfile
FROM node:15
RUN echo "StrictHostKeyChecking no&...
0
votes
1
answer
106
views
I have created new .ppk file with new passphrase from .pem file. How do I disable the access using the old ppk with old passphrase?
I am using a Centos based EC2 instance and had shared the ppk file with a passphrase with the team. Now I want to secure it and hence generated ppk file with new passphrase using Puttygen. But I can ...
1
vote
0
answers
149
views
Allow SSH Public Key Login to User on Server without Password
I'm running a few Docker Container at home for some personal training purpose (only local) to educate myself.
I want to SSH from one container to another container. Nearly everything is working. I ...
2
votes
0
answers
1k
views
kex_exchange_identification: Connection closed by remote host
Trying to connect to web servers running on Centos 7 via jump server, earlier this connection used to work fine without any problems, but not sure now what went wrong.
Following is the status
$ ssh -...
0
votes
2
answers
164
views
How to manage the keys in my ~/.ssh/authorized_keys on the server? (login without requiring password each time on a particular machine)
I am trying to follow this answer to login to my server via ssh without typing my extremely long password each time:
https://serverfault.com/a/241593/295203
Right now I have 6 keys in my ...
2
votes
2
answers
863
views
Password security of encrypted SSH private key: How to read round number or costfactor of bcrypt
Here https://security.stackexchange.com/a/52564 you can read that newer OpenSSH versions use bcrypt for protecting the keyfile. Security of bcrypt depends on the costfactor see https://security....
1
vote
1
answer
270
views
How can I share the SSH keyes between two users on a CentOs 7 machine?
I am not a sysadmin\network specialist (I am s software developer) and I am finding the following difficulty working on a Linux CentOS 7 remote machine of a customer.
I am using MobaxTerm to connect ...
-1
votes
1
answer
74
views
Best way to lock out a group once per week [duplicate]
A SSH server I admin is to be allowed login from a group of users all days of week except sunday.
How would be your elegant solution to this? Thanks any input on comments or creative +and+ secure ...
0
votes
0
answers
126
views
Not able to SSH into VM using any of the authorized IDs even from console
I am not able to SSH into my VM on google cloud. The only thing that has changed is that I have now upgraded my account to a paid account from free account. My billing subscription was expired before ...
0
votes
2
answers
128
views
SSH wont log into VPS using DNS
I'm working on a Virtual Machine where I have Ubuntu Server, in that server I connect to my cloud server (ubuntu), via ssh , but when I tried to log in with this syntax:
ssh subdomain.example.com
It ...
0
votes
1
answer
552
views
What is the best method for adding RSA Key Fingerprints to known_hosts upon provisioning each server?
This question was inspired by this thread
The hypothetical scenario, for context is as follows:
SSH servers, whether they be routers, firewalls etc. are all firstly provisioned within a private + ...
0
votes
2
answers
362
views
Accidently removed user profile with SSH key
I accidentally removed my user profile with SSH key on google cloud VM, so now I don't even have the possibility to connect to that machine. It's not a big deal since that VM is for testing purposes, ...
1
vote
1
answer
622
views
Why can't I use scp after having set up ssh-copy-id
I rent a shared hosting server. I have set up the login to be through keys (private/public) by the use of ssh-copy-id, and now that works when i type
ssh [email protected]
(Since I choose to have a ...
0
votes
1
answer
598
views
missing ssh key in results returned by ssh-keyscan?
in short
[newbie here] Why can't I find my SSH key with which I connect to my server in what is returned by ssh-keyscan -H my_server_address ?
I rent a dedicated server based on Debian 10 (OVH)
The ...
1
vote
1
answer
241
views
Unable connect to SSH GCE
I created a VM on Google Compute Engine. I had no problems connecting to SSH before but when I tried to upload files to FTP it crashed me out of the session, then I could not login to FTP at all and I ...
2
votes
0
answers
123
views
AWS SSH Login continues to fail even with new EC2 instance [Permission denied (PublicKey)]
I just started working with AWS to create a wordpress site on an EC2 instance (using the tutorial at https://www.youtube.com/watch?v=4WR7EFFLF04). Everything was working fine until I tried to add an ...
0
votes
2
answers
360
views
how can we edit ssh keys of VM In GCP Please guide
My ssh Keys in Vm Instance are showing "expireOn":"2020-11-20T00:06:44+000"
since then i am unable to connect to my VM and also not able to connect via SSH
Please guide on how to ...
0
votes
1
answer
2k
views
I want to combine my rsa.public with my rsa.private to a .pfx that I can use to digitally sign an xml file
Here is the code I have so far:
for the private key:
openssl genrsa -out rsa.private 1024
for the public key:
openssl rsa -in rsa.private -out rsa.public -pubout -outform PEM
Then I'm trying to ...
0
votes
0
answers
126
views
SSH connection strange behavior
I am using windows10 and I can connect to my server(Ubuntu 18.04) with PowerShell and Putty.
but not with the other two ssh client I have (MobaXtrem,Bitvise).
but when i turn on my VPN(SeedVpn) on ...
1
vote
1
answer
385
views
ssh-keygen: signing syntax - help needed with options
I am trying to sign some SSH keys with restricted options.
My initial attempt was as follows:
ssh-keygen -s /path/to/ca-ssh.pem -D opensc-pkcs11.so -n barfoo -O no-agent-forwarding -O no-port-...