I downloaded rsync 3.1.3 from the official website and the relative signature but I am not able to verify the signature.
This does not work
$ gpg --verify signature.sig rsync.tar.gz
gpg: unknown armor header: Version: GnuPG v1
gpg: Signature made Sun Jan 28 23:57:59 2018 UTC using DSA key ID 4B96A8C5
gpg: Can't check signature: public key not found
I looked at this link and so I tried these commands, not working:
$ gpg --output rsync.tar.gz --decrypt signature.sig
gpg: unknown armor header: Version: GnuPG v1
Detached signature.
Please enter name of data file: rsync.tar.gz
gpg: Signature made Sun Jan 28 23:57:59 2018 UTC using DSA key ID 4B96A8C5
gpg: Can't check signature: public key not found
$ gpg --output rsync.tar.gz --verify signature.sig
gpg: unknown armor header: Version: GnuPG v1
gpg: no signed data
gpg: can't hash datafile: file open error
What should I do?
The problem here is you've renamed the file of the detached signatures, the original detached signature is named the same as the file with an additional extension.
bash-4.4$ ls -l rsync-3.1.3.tar.gz*
-rw-r--r-- 1 ben wheel 905908 29 Jan 10:54 rsync-3.1.3.tar.gz
-rw-r--r-- 1 ben wheel 181 29 Jan 10:58 rsync-3.1.3.tar.gz.asc
bash-4.4$ gpg --verify rsync-3.1.3.tar.gz.asc
gpg: assuming signed data in 'rsync-3.1.3.tar.gz'
gpg: Signature made Mon 29 Jan 10:57:59 2018 AEDT
gpg: using DSA key 0x6C859FB14B96A8C5
gpg: Good signature from "Wayne Davison <wayned#users.sourceforge.net>" [unknown]
gpg: aka "Wayne Davison <wayned#samba.org>" [unknown]
gpg: wayned#samba.org: Verified 1 signature in the past 13 seconds. Encrypted
0 messages.
gpg: wayned#users.sourceforge.net: Verified 1 signature in the past 13 seconds.
Encrypted 0 messages.
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 0048 C8B0 26D4 C96F 0E58 9C2F 6C85 9FB1 4B96 A8C5
bash-4.4$
When retaining the correct filename and running the verify command on that, GPG correctly determines the name of the signed file and checks the signature against it.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
I've already looked for similar questions and tried changing several things in my configuration but couldn't come up with a solution.
I'm trying to connecting via SSH to a Docker container, here's the Dockerfile:
FROM ubuntu
RUN apt-get update && \
apt-get install -y openssh-server
RUN useradd remote_user && \
echo "remote_user:test1234" | chpasswd && \
mkdir /home/remote_user/.ssh -p && \
chmod 700 /home/remote_user/.ssh && \
mkdir -p -m0755 /var/run/sshd
COPY id_rsa.pub /home/remote_user/.ssh/authorized_keys
RUN chown remote_user:remote_user -R /home/remote_user && \
chmod 600 /home/remote_user/.ssh/authorized_keys
RUN apt-get install -y php php-mbstring php-xml php-bcmath php-fpm && \
apt-get install -y composer && apt-get install -y vim
RUN apt-get install -y nginx
CMD /usr/sbin/sshd -D
Once I try to connect to the container as "remote_user" with ssh -Tv remote_user#staging.local (where "staging.local" is the container IP) I get this message:
...
...
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519#openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256#openssh.com>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: /home/xxx/.ssh/id_rsa RSA SHA256:5QNPe89pdQp+tgE61N9YPaIJEs8QR9DxaChmStfvzBU agent
debug1: Authentications that can continue: publickey,password
debug1: Offering public key: xxx#xxx RSA SHA256:C+VWlGUd4mVywHnh8JWtjL0gmO8cuqUEs4YYCbQGvaE agent
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/xxx/.ssh/id_dsa
debug1: Trying private key: /home/xxx/.ssh/id_ecdsa
debug1: Trying private key: /home/xxx/.ssh/id_ecdsa_sk
debug1: Trying private key: /home/xxx/.ssh/id_ed25519
debug1: Trying private key: /home/xxx/.ssh/id_ed25519_sk
debug1: Trying private key: /home/xxx/.ssh/id_xmss
debug1: Next authentication method: password
remote_user#staging.local's password:
As you can see it can't connect and is asking for the password.
If I ls -ll .ssh folder files in my host machine I have this:
-rw------- 1 xxx xxx 2610 Jan 3 12:08 id_rsa
-rw-r--r-- 1 xxx xxx 577 Jan 3 12:08 id_rsa.pub
-rw-r--r-- 1 xxx xxx 222 Jan 3 12:25 known_hosts
If I docker exec into the container as root user and see permissions of /home/remote_user/.ssh I have:
home folder permissions:
drwxr-xr-x 1 root root 4096 Jan 3 11:22 home
remote_user folder permissions:
drwxr-xr-x 1 remote_user remote_user 4096 Jan 3 11:22 remote_user
.ssh folder permissions:
drwx------ 1 remote_user remote_user 4096 Jan 3 11:22 .ssh
authorized_keys file permissions:
-rw------- 1 remote_user remote_user 577 Jan 3 11:08 authorized_keys
Try changing the permissions for the /home/remote_user/.ssh/authorized_keys to 400 instead of 600. Other than that, I don't see any difference between my own setup.
p.s.
My setup runs with ubuntu 18.04 so maybe they changed something since then.
It should work if you forward the port :
docker run -p 222:22 your-image
then :
ssh -p 222 remote_user#localhost
I can connect from my windows PC using putty to my AMI E2C linux instances but I cannot ssh from one instance to another. I get the following error message, I have just copied the last part of the error message:
debug1: Found key in /home/ec2-user/.ssh/known_hosts:3
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/ec2-user/.ssh/id_rsa
debug1: Trying private key: /home/ec2-user/.ssh/id_dsa
debug1: Trying private key: /home/ec2-user/.ssh/id_ecdsa
debug1: Trying private key: /home/ec2-user/.ssh/id_ed25519
debug1: No more authentication methods to try.
Permission denied (publickey).
the security group for all servers has SSH open to source 0.0.0.0
I have tried creating new ssh keys, ssh-keygen -t -rsa, and copying and pasting the content of the .pub file to /.ssh/authorized_keys file on the other server. But it still does not work.
I have tried copying contents of both files to the other server to /.ssh keeping the same file name and running chmod 600 again both files. But still it does not work.
I cannot believe it, I have been stuck on this issue for 2 days.
On closer inspection of the ID_RSA file I created on the server I wanted to connect to, which I had a copy and pasted the public key from the other server, did not have all of the key pasted. The copy and paste function missed off the first few characters of the key.
Once I put those in the ssh connection worked!
It might be that you're creating key with non-standard name.
This is how I do in this case:
server #1:
$ ls -la ~/
...
drwx------ 2 ec2-user ec2-user 4096 Mar 16 00:27 .ssh
...
$ ls -l ~/.ssh
total 12
-rw------- 1 ec2-user ec2-user 731 Mar 3 16:05 authorized_keys
-rw-r--r-- 1 ec2-user ec2-user 2220 Mar 17 11:39 known_hosts
-rw------- 1 ec2-user ec2-user 3326 Mar 4 00:48 roman.pem
server #2:
$ ls -la ~/
...
drwx------ 2 ec2-user ec2-user 4096 Mar 17 12:10 .ssh
...
$ ls -l ~/.ssh
total 4
-rw------- 1 ec2-user ec2-user 731 Mar 17 12:10 authorized_keys
authorized_keys has only one record and is identical to the one from server #1
This is the command I use for connection from server #1 to server #2:
$ ssh -v <server#2-ip> -i ~/.ssh/roman.pem
As you can see, I use -i to specify full path to key name.
Update:
Also, custom key could be added to ssh-agent on server #1: ssh-add ~/.ssh/roman.pem in order to skip -i switch.
I have generated public and private key pair for git in windows and it is working fine in windows. And I tried to use the same key pair in linux in virtual box by copying the .ssh folder to ~/.ssh folder of linux.
Now when I try to perform git commands like clone, fetch in linux it is asking for password. I haven't specified any password for this. How to resolve this?
Thanks in advance.
Here is my : ls -la ~/.ssh
user#g3gdev-user:~$ ls -la ~/.ssh
total 28
drwxrwxrwx 2 user user 4096 Jun 21 11:07 .
drwxr-xr-x 43 user user 4096 Jun 23 10:59 ..
-rwxr-xr-x 1 root root 1464 Jun 21 11:05 git_key.ppk
-rw------- 1 user user 1464 Jun 21 11:05 git_new_key.ppk
-rwx------ 1 user user 1675 Jun 21 11:05 id_rsa
-rw------- 1 user user 400 Jun 21 11:05 id_rsa.pub
-rwxrwxrwx 1 user user 415 Jun 21 11:05 known_hosts
May be you have to open the generated key in puttyGen, and then go to Conversion, then Export to openSSH. Use this openSSH for your linux systems. There is a small difference between openssh and ssh.
I have a linux box:
Linux vuappserver 2.6.32-5-686 #1 SMP Mon Oct 3 04:15:24 UTC 2011 i686 GNU/Linux
I use SMB + windbind to join to and Active Directory
But right now I try to add a local user:
useradd test
but when I try to change the password I receive this error:
root#server:/home/vu# passwd test
Current Kerberos password:
passwd: Authentication token manipulation error
passwd: password unchanged
I checked the permissions of this files:
-rw-r--r-- 1 0 0 1350 Apr 5 23:17 /etc/passwd
-rw-r----- 1 0 42 941 Apr 5 23:17 /etc/shadow
Any ideas?
Thanks
by default pam_krb5.so set the "minimun_uid" to 1000 in /etc/pam.d/common-*
e.g.:
password [success=3 default=ignore] pam_krb5.so minimum_uid=1000
my user had uid=1001 and according to the default setup, kerberos took control (bad thing). In the other hand, the mapping for my AD users was in a higher range (/etc/samba/smb.conf):
idmap config * : range = 10000-40000
So, I adjusted the "minimun_uid" in /etc/pam.d/common-* to 10000, and now I'm happy :-)
If you're in a Windows domain, your authentication configuration (most probably /etc/pam.d/common-auth and /etc/pam.d/passwd) is pointing that to change a password, it must be synchronized with the domain (via Kerberos/LDAP).
You can instruct the passwd command to change a local account by specifying which accounts repository/authentication realm you would like to change:
passwd -r files account_name
Check the man page for passwd on the -r option.
I am configuring hadoop on Ubuntu os. I need to create RSA key pair to allow hadoop to interact with its nodes, so i running this command:
hadoop#ubuntu:~$ ssh-keygen -t rsa -P ""
then I get this:
Generating public/private rsa key pair.
Enter file in which to save the key (/home/hadoop/.ssh/id_rsa):
Could not create directory '/home/hadoop/.ssh': permission denied.
Enter passphrase (empty for no passphrase ):
Enter same passphrase again:
open /home/hadoop/.ssh/id_rsa failed: No such file or directory.
Saving the key failed: /home/hadoop/.ssh/id_rsa.
Forgot to create .ssh dir in your home?
Try that:
mkdir -p ~/.ssh
then re-run ssh-keygen.
Also possibly you doing ssh-keys creation from wrong user.. You started that shell using sudo?
Try to set HOME dir manually or enter right path in prompt.
check your home directory name and permissions
echo $HOME
cd ~ ; ls -l
ls -l .ssh
ls -lR .ssh
if above output is OK and you have correct permissions, perhaps your quota is full
try with "sudo" and see what happens...
Seems like current user doesn't own the contents under home directory.
Gain the ownership as shown as below:
admin#mydb22-02:~$ sudo chown admin.admin /home/admin/
admin#mydb22-02:~$ ls -la
total 32
drwxr-xr-x 2 admin admin 4096 Nov 3 23:29 .
drwxr-xr-x 3 admin admin 4096 Dec 23 2012 ..
-rw------- 1 admin admin 191 Feb 13 2013 .bash_history
-rw-r--r-- 1 admin admin 220 Apr 3 2012 .bash_logout
-rw-r--r-- 1 admin admin 3486 Apr 3 2012 .bashrc
-rw-r--r-- 1 admin admin 675 Apr 3 2012 .profile
-rw-r--r-- 1 admin admin 0 Nov 3 23:29 .sudo_as_admin_successful
-rw------- 1 admin admin 4221 Nov 3 20:31 .viminfo
generating keys would work now as .ssh directory will now be created and owned by current user after generating the assymetric keys
I have spent arround 1 hr on this and finally got the solution. It is due to permission problem. You have to use chown for your 'hadoop user'.
1. First make hadoop directory.
cd /home
mkdir hadoop
then check 'ls -l'. it gives result like :
drwxr-xr-x 2 hadoop hadoop 4096 Aug 22 22:17 hadoop
2. sudo chown hadoop.hadoop /home/hadoop/
3. Then run remaining command for key generater.