Fixing Public Key Authentication

  • Any chance Windows Notepad was used anywhere in this process?

    --
    Google is your friend and Bob's your uncle!


    OMV AMD64 5.x on Chenbro NR12000 1U 1x 8m Quad Core E3-1220 3.1GHz 16GB ECC RAM.

  • I am beginning to suspect the key format that was used when creating your keys is not compatible with what OMV's Openssh is expecting.


    What were the choices for key format when you created the keys?

    --
    Google is your friend and Bob's your uncle!


    OMV AMD64 5.x on Chenbro NR12000 1U 1x 8m Quad Core E3-1220 3.1GHz 16GB ECC RAM.

  • RSA, DSA, ECDSA, EdDsa, SSH-1 (RSA)

    What's strange is that in the user's section where you put your public key value in, if it's not formatted correctly it will tell you.

    When I put this one in, it didn't say there was any formatting issues with it.

    I suppose I could create the pair via the linux box itself.

  • When I run this command: ssh-keygen -t rsa and add the passphrase, i get a permission denied.

    The directory is /home/eric/.ssh. I think the permissions are jacked up with this directory. How do I fix this so that I can actually save files in here without having to sudo?

    This command: ls -l /home/eric/.ssh shows:



    These are the permissions for the files in the /home/eric/.ssh directory but I think the permissions are jacked up with this .ssh directory.

    Here's the permission error:

  • Yep, I think at the core of this, when I have to sudo the: ssh-keygen -t rsa command, it's making the key have root@servername and not eric@servername.

    I need to get the permissions on /home/eric/.ssh fixed then I think I'll be good!

    Can you help with that?

  • Accept the default file name for the key, don't use omv.


    Show the output of


    ls -al /home/eric

    --
    Google is your friend and Bob's your uncle!


    OMV AMD64 5.x on Chenbro NR12000 1U 1x 8m Quad Core E3-1220 3.1GHz 16GB ECC RAM.

  • I just went through the process here: [GUIDE] Enable SSH with Public Key Authentication (Securing remote webUI access to OMV)


    I created the key on my omv box with: ssh-keygen -t rsa

    Converted the key: ssh-keygen -e -f ~/.ssh/id_rsa.pub

    SCP'd the public and private keys over to my Windoze box.

    Opened the private key in PuttyGen, copied the public key text, and pasted into the 'public keys' section in OMV web ui.

    Pointed putty to the private key that I copied above.

    When I log in, the server is still refusing my key.


    Maybe permissions? Maybe not.

  • Here's my ssh_config if that will help to diagnose:

    Protocol 2

    HostKey /etc/ssh/ssh_host_rsa_key

    HostKey /etc/ssh/ssh_host_dsa_key

    HostKey /etc/ssh/ssh_host_ecdsa_key

    HostKey /etc/ssh/ssh_host_ed25519_key

    SyslogFacility AUTH

    LogLevel INFO

    LoginGraceTime 120

    StrictModes yes

    IgnoreRhosts yes

    HostbasedAuthentication no

    PermitEmptyPasswords no

    ChallengeResponseAuthentication no

    X11Forwarding yes

    X11DisplayOffset 10

    PrintMotd no

    PrintLastLog yes

    TCPKeepAlive yes

    AcceptEnv LANG LC_*

    Subsystem sftp /usr/lib/openssh/sftp-server

    UsePAM yes

    AllowGroups root ssh

    AddressFamily any

    Port 22

    PermitRootLogin no

    AllowTcpForwarding yes

    Compression yes

    PasswordAuthentication yes

    AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2 /var/lib/openmediavault/ssh/authorized_keys/%u

    PubkeyAuthentication yes

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!