How to enter private key password with ansible - linux

I have the vagrant virtual machine running.
I can ssh into it using ssh vagrant@192.168.0.28, then it asks me for the pass phrase for the private key, which I can enter and then it logs me in.
But if I use:
ansible all -m ping
then I get this:
192.168.0.28 | FAILED => FAILED: ssh moor@192.168.0.28:22 : Private key file is encrypted
To connect as a different user, use -u <username>.
How can I enter pass phrase in ansible?
I tried ansible -k but it says authentication failed.

Try using ssh as the transport. Generally, Ansible uses paramiko which is not as friendly for interactive sessions:
ansible all -c ssh -m ping
If that doesn't work, I didn't see anything on running Ansible with an ssh key pass phrase in the documentation or in the code, so you might have to remove it with something like this:
openssl rsa -in private_key_with_pass_phrase -out private_key_without_pass_phrase

I have tried
cd ~/.ssh/
openssl rsa -in id_rsa -out id_rsa_without_pass_phrase
and got the error
unable to load Private Key
routines:get_name:no start line:../crypto/pem/pem_lib.c:745:Expecting: ANY PRIVATE KEY
The solution was to run this command:
cd ~/.ssh/
ssh-keygen -p -f id_rsa -m PEM
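
Why the `openssl rsa` attempt above can fail while `ssh-keygen -p -m PEM` works, as an added example that is not part of the original posts: OpenSSL reports `Expecting: ANY PRIVATE KEY` when the file has no PEM header it recognizes, as with a key stored in the OpenSSH container format. The `key_status` function and the files written by `make_samples` are hypothetical and constructed here; the check reads headers only, so it can also be used to list which key files on disk carry no passphrase.

```shell
#!/usr/bin/env bash
# Added example: report a private key file's container format and whether it
# is passphrase-protected, by reading its header only (no key is loaded).

key_status() {
    local file=$1 cipher
    case "$(head -n 1 "$file")" in
    "-----BEGIN OPENSSH PRIVATE KEY-----")
        # openssh-key-v1 body: 15-byte magic "openssh-key-v1\0", a uint32
        # length, then the cipher name; "none" means no passphrase.
        cipher=$(grep -v '^-----' "$file" | base64 -d 2>/dev/null |
                 dd bs=1 skip=19 count=4 2>/dev/null)
        case "$cipher" in
        none) echo "openssh unencrypted" ;;
        "")   echo "openssh unreadable" ;;
        *)    echo "openssh encrypted" ;;
        esac ;;
    "-----BEGIN ENCRYPTED PRIVATE KEY-----") echo "pkcs8 encrypted" ;;
    "-----BEGIN PRIVATE KEY-----")           echo "pkcs8 unencrypted" ;;
    "-----BEGIN "*" PRIVATE KEY-----")
        # Legacy PEM (RSA/DSA/EC) marks encryption in a Proc-Type header.
        if grep -q '^Proc-Type: 4,ENCRYPTED' "$file"; then
            echo "pem encrypted"
        else
            echo "pem unencrypted"
        fi ;;
    *) echo "unknown" ;;
    esac
}

# Constructed sample files (headers only, no real key material).
make_samples() {
    local dir=$1
    { echo "-----BEGIN OPENSSH PRIVATE KEY-----"
      printf 'openssh-key-v1\0\0\0\0\012aes256-ctr\0\0\0\006bcrypt' | base64
      echo "-----END OPENSSH PRIVATE KEY-----"; } > "$dir/openssh_enc"
    { echo "-----BEGIN OPENSSH PRIVATE KEY-----"
      printf 'openssh-key-v1\0\0\0\0\004none\0\0\0\004none' | base64
      echo "-----END OPENSSH PRIVATE KEY-----"; } > "$dir/openssh_plain"
    printf '%s\n' "-----BEGIN RSA PRIVATE KEY-----" "Proc-Type: 4,ENCRYPTED" \
        "DEK-Info: AES-128-CBC,00" "" "AAAA" \
        "-----END RSA PRIVATE KEY-----" > "$dir/pem_enc"
    printf '%s\n' "-----BEGIN RSA PRIVATE KEY-----" "AAAA" \
        "-----END RSA PRIVATE KEY-----" > "$dir/pem_plain"
}
```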

Related

Change Azure VM authentication to ssh key

I have a Linux VM on Azure which was at first set up without SSH keys, which means authentication is made only with a password via SSH. I would like to change it now. I tried the way I know; I can log in with the keys, but I can still log in with the password.
What else did I miss? Is there something else?
Thanks
Tried to configure SSH key, disable the 'passwordauthentication'
Change ssh config
Add key via azure portal
Try following these steps:
Login to your existing azure VM using passwords authentication.
Create new ssh key pair.
ssh-keygen -t rsa -b 2048
Replace ~/.ssh/authorized_keys with ~/.ssh/id_rsa.pub key
mv ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys
Save ~/.ssh/id_rsa public key to your local system.
Edit /etc/ssh/sshd_config and make the following changes
Change PasswordAuthentication to this:
PasswordAuthentication no
Change PubkeyAuthentication to this:
PubkeyAuthentication yes
Change PermitRootLogin to this:
PermitRootLogin no
Change ChallengeResponseAuthentication to this:
ChallengeResponseAuthentication no
Restart the vm using the following command
sudo systemctl restart ssh
I tried to reproduce the same in my environment and got the results like below:
I created a Linux VM on Azure, first set up without SSH keys and only with a password via SSH, then I tried to change authentication to an ssh key like below:
Create SSH key pair:
ssh-keygen -t rsa -b 2048
Then, use /home/<user>/.ssh/id_rsa.pub
Enter passphrase: Give your password
Once you enter the password, RSA will be executed successfully like below:
Then try to move id_rsa to authorized using the script below:
`mv /home/<user>/.ssh/id_rsa.pub /home/<user>/.ssh/authorized_keys`
When I run the command cat id_rsa I get the public key successfully like below
I agree with schine som. Save the public key, open the config file with vi and try to restart like below:
PasswordAuthentication no
PubkeyAuthentication yes
PermitRootLogin no
ChallengeResponseAuthentication no
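
A check for the situation in the question (the directive is edited but password logins still work), as an added example that is not part of the original posts: sshd uses the first value it obtains for each keyword, so an earlier line or an included file takes precedence over a later edit. The `first_value` function and the layout written by `make_sample_config` are hypothetical and constructed here; on a real host `sshd -T` prints the effective configuration.

```shell
#!/usr/bin/env bash
# Added example: find the value sshd obtains first for a keyword.
# Simplifications: Include paths are absolute, "key value" syntax only,
# and everything from a Match line to the end of that file is skipped.

first_value() {
    local file=$1 want key val rest f found
    want=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
    while read -r key val rest || [ -n "$key" ]; do
        key=$(printf '%s' "$key" | tr 'A-Z' 'a-z')
        case "$key" in
        ''|'#'*) ;;                      # blank line or comment
        match) break ;;                  # conditional block: not global
        include)
            for f in $val $rest; do      # unquoted so globs expand
                [ -f "$f" ] || continue
                found=$(first_value "$f" "$want")
                if [ -n "$found" ]; then echo "$found"; return 0; fi
            done ;;
        "$want") echo "$val"; return 0 ;;
        esac
    done < "$file"
    return 0
}

# Constructed layout: a drop-in included at the top of the main file
# re-enables passwords even though the main file says "no" further down.
make_sample_config() {
    local dir=$1
    mkdir -p "$dir/sshd_config.d"
    printf '%s\n' "PasswordAuthentication yes" \
        > "$dir/sshd_config.d/50-example.conf"
    printf '%s\n' "Include $dir/sshd_config.d/*.conf" \
        "#PermitRootLogin prohibit-password" \
        "PubkeyAuthentication yes" \
        "PasswordAuthentication no" \
        "PermitRootLogin no" \
        "ChallengeResponseAuthentication no" > "$dir/sshd_config"
}
```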

openWRT Dropbear SSH key authentication fails with "unknown algo"

Good day, I'm trying to figure out how to get a user to ssh into openWRT with only a key.
I followed these instructions:
https://wiki.openwrt.org/oldwiki/dropbearpublickeyauthenticationhowto.
In short:
On a Linux box:
If you haven't already got a
.ssh/id_dsa.pub
ssh-keygen -t dsa
scp ~/.ssh/id_dsa.pub root@192.168.1.1:/tmp
On openWRT:
cd /etc/dropbear
cat /tmp/id_*.pub >> authorized_keys
chmod 0600 authorized_keys
When I try and ssh in, I get this error:
authpriv.warn dropbear[2085]: Pubkey auth attempt with unknown algo for 'MyUser' from 1.2.3.4:11111
I have tried generating a RSA key too, same result.
I can log in as the user using a password:
authpriv.notice dropbear[2089]: Password auth succeeded for 'MyUser' from 1.2.3.4:11111
Maybe it's the problem of the OpenWRT version.
Try ${HOME}/.ssh/authorized_keys instead.

ssh dynamically from script from any server

Ok, I have been searching for a few hours and cannot seem to find the solution.
I have a file on a remote server to which one of the local users on that server has write access. I have the credentials. The requirement is:
The shell/perl script should automatically login to the server and write to that file.
The script should work from any server on the network without installing any extra packages as that will require me to sudo which will again ask for password and is therefore not possible from script.
I tried using expect but the server keeps saying spawn not found.
Please advise.
#!/bin/bash
ssh -l username hostname "password; ~/updatefile.sh params"
Doesn't work.
To use the key method, try the following:
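#!/usr/bin/env bash
# Start an agent for this script only; Linux passes a multi-word shebang to env as one argument.
eval "$(ssh-agent -s)" > /dev/null
KEYFILE=$(mktemp)
cat << 'EOF' > "${KEYFILE}"
-----BEGIN RSA PRIVATE KEY-----
[.......]
EOF
ssh-add "${KEYFILE}"
ssh user host command
# Remove the key file and stop the agent.
rm -f "${KEYFILE}"
ssh-agent -k > /dev/null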
To generate a key for use, refer to the following: http://www.ece.uci.edu/~chou/ssh-key.html

Trouble understanding ssh key gen man page - Specify location and password

This is my code:
ssh-keygen -t rsa -C "$APP"
This works perfectly. However it then asks me to specify location and password. I was hoping I can automate this all in one go, however this command fails:
ssh-keygen -t rsa -C "$APP" -P "$SSHKEYPASS" -T ~/.ssh/id_rsa.pub
This command seems to fail though, when I specify the password I want for the key and location in the same line. I don't really understand the man page:
http://linux.die.net/man/1/ssh-keygen
Can anyone tell me where I have gone wrong?
-P is for the old passphrase, to create a key I assume you want -N for the new passphrase.
-T is for DH group test output it appears (not that I know what that is exactly).
You want -f to specify the key filename. And you specify the private key file not the public key file.
So try:
ssh-keygen -t rsa -C "$APP" -N "$SSHKEYPASS" -f ~/.ssh/id_rsa

Copying public key into remote node without password

I need to use a bash script to do the following:
Generate a public/private key pair on NodeA
Copy the public key into a remote NodeB's authorized_keys
Add NodeB to NodeA's known_hosts.
I need to do all this without a password prompt for ssh-ing into NodeB
In the second step I am even specifying the private key with "-i".
The following script I have now still asks for password
#!/bin/bash
sudo ssh-keygen -t rsa -N "" -f /root/.ssh/id_ccn_rsa
ssh -i /root/.ssh/id_ccn_rsa -o StrictHostKeyChecking=no $1
sudo sh -c "ssh-keyscan $1 >> /root/.ssh/known_hosts"
There is no magic.
To deploy the key you MUST be able to login without the key at least one time. Or have someone who can login and has root access deploy the public key for you.
You cannot login without a password and without a key unless your account was set up without a password AND sshd was configured with the non-default PermitEmptyPasswords yes option.
