[GUIDE] Enable SSH with Public Key Authentication (Securing remote webUI access to OMV)

  • Hi,
    i have the following question: Where are the ssh keys of a user located in omv?


    Normally i'd expect them in:

    Code
    /home/user/.ssh/


    When you add a new user in omv, you don't have at first a "home". You have to activate the "home" in the settings section of the user administration and set a shared folder for the "homes". But even then the home folders remain empty and have no ".ssh" folder.


    Even when you paste your generated public key in the "public key" field of the user setting, ssh logins work fine but the "home" folder still remains empty.


    Where are the keys?


    Regards,
    Bebass

  • @tekkb or @subzero79: Can 2 SSH keys be added to one user? in "/var/lib/openmediavault/ssh/authorized_keys" it just has the username. I'm assuming that only the user with that username can use that key. How would I add a second pub key to same user?

    Modpic.gif

    Dell Precision T3500
    Processor:
    Intel Core i7 960 @3.2ghz
    Memory:
    26GB RAM
    Kernel: Linux 5.10.0-0.bpo.9-amd64
    Version: 5.6.2-1 (Usul) Debian Buster [From Fresh Install of 5]

    • Official Post

    I don't know if the text field supports a return string. Authorized keys can be multiline only, so in this case I guess you can only add it by modifying the file in terminal. @votdev can give you a better answer if is possible or he designed one pub key per user.


    you can test by pasting two pub keys in a text editor in two consecutive lines then paste it at the user ssh field..

  • Okay I had some issues when it came to creating the ssh public key so here is the solution for the format it wanted:


    *After creating your key", run:


    ssh-keygen -e -f .ssh/id_rsa << The path needs to point to your private_key


    this will print out the key in the right format you need to copy & paste directly in.

  • I think I am being an idiot, but how do I do this bit from a Windows 8 machine?


    OMV Stoneburner 2.1.x with 3.16 backports kernel
    Asus Z87I-Pro | i7-4770 | 16GB RAM
    Plugins: Calibre | fail2ban | MySQL | NUT | SMB/CIFS | SSH | VirtualBox

  • Iv'e been trying to work out the whole ssh thing but i am very new to linux and terminals. OSX was used to create the sshremote.pub key.


    I followed the guide and everything worked great until i get to this part (ssh ssh-user-access@IP_OF_NAS -i .ssh/privatekey).


    I made a user with the same name ssh-user-access and put it in the ssh group and added the private key that i took from the terminal after using ssh-keygen -e -f /home/user/.ssh/sshremote.pub


    I than went over to my OMV NAS and logged into root (i also tried using ssh-user-access) but i get an error "Warning: Identity file .ssh/privatekey not accessible: no such file or directory" and "Permission denied (publickey)"


    Thanks for any help guys, this is driving me crazy :D

  • I'm having trouble getting my keys setup.
    I get the following error at the specified step:


    [fubz.LOCA_MACHINE] ➤ ssh ssh-user-access@192.168.1.135 -i .ssh/sshacess
    Warning: Identity file .ssh/sshacess not accessible: No such file or directory.


    I'm not sure how or when my sshacess file should have been created

  • I don't have sshacess
    This command is suppose to be run on my local machine, correct?


    [fubz.LOCAL_MACHINE] ➤ ls -a .ssh
    . .. id_dsa id_dsa.pub id_rsa id_rsa.pub known_hosts



    Also... what does the ssh-user-access part mean? That command looks like a connection command, is that suppose to be the user I created in OMV?

  • I figured it out, I tried to read through the instructions without taking the time to understand what I was doing.
    ssh-user-access is in fact the user I created in OMV
    the -i command needs me to point to my private key I created on my local machine.


    Once I completed the guide now I can connect with a simple ssh user@host

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!