Questions tagged [ssh-keys]
an authorization mechanism for SSH involving public-key cryptography.
818 questions
1 vote
1 answer
39 views
ssh key login does not work after enabling DISA STIGs
After enabling the STIGs, SSH keys have stopped working. You present the key and it still asks for a password. Things I've tried: Confirmed I'm using RSA with SHA2 which is accepted Confirmed that ...
- 1,198
0 votes
1 answer
48 views
One key pair for all of different pair for all when doing rundeck / ansible automation
If I wanted to run an Ansible playbook on 300 Linux VMs in vSPhere, how would I configure the SSH connection? Do I create a private key on every Linux VM and import it into rundeck for use with the ...
- 101
1 vote
0 answers
33 views
Can't figure out the good ssh config via a jump host (ProxyJump) with private key only on the jump host
ASCII representation of the workflow [Local Machine] | | SSH ProxyJump / ProxyCommand v ----------------- | Jump Host | <- Private key here | xxx | ------...
- 1,383
0 votes
1 answer
59 views
How to add SSH `-o` options to Ruby’s tty-command?
I have a site on an older version of Debian (update pending for various reasons). To log in to the server on the command-line I needed to add rsa key options to my SSH "config" file: Host ...
- 233
1 vote
1 answer
149 views
SSH items with kex algorithms mismatch
Zabbix 7.2 OS Oracle Linux 9.6 I have a legacy switch that is monitored by a Zabbix Proxy and has SSH items configured. However, the SSH items are unable to reach the host due to a mismatch in Kex ...
- 143
0 votes
0 answers
54 views
ssh connection error (ssh_config attached)
(base) haohao@zhangjunhaodebijixingdiannao .ssh % sudo ssh [email protected] -v OpenSSH_9.9p1, LibreSSL 3.3.6 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: ...
- 1
0 votes
1 answer
71 views
VS Code Bypasses OpenSSH Server Configuration
I am using an Ubuntu 24.04 server with OpenSSH. The /etc/ssh/sshd_config uses the following options: PermitRootLogin no PubkeyAuthentication yes PasswordAuthentication no KbdInteractiveAuthentication ...
- 103
3 votes
1 answer
218 views
ssh connection to all remote hosts, remote host reset connection after kex
I am on an Ubuntu 24.04.2 LTS client, and tried connecting to both a Debian 13 server and Linux Mint 22 server. I am using OpenSSH_9.6p1 Ubuntu-3ubuntu13.9, OpenSSL 3.0.13 30 Jan 2024 If I SSH with -...
- 151
2 votes
1 answer
736 views
Connection with OpenSSH 7.4p1 is not accepted by system using OpenSSH 8.7p1 – How to allow it?
I have the following old Linux system and use a proprietary software tool which tries to copy files (with either sftp or curl) to a newer Linux system but it fails. The systems are: Property ...
- 123
0 votes
0 answers
76 views
GCP expired ssh keys reappear after deleting
Being unable to connect to my GCP VM instance I realized it was due to expired ssh keys. So I created a new public key and deleted the expired keys by editing the VM. After adding the new key, I was ...
google-cloud-platform
0 votes
0 answers
29 views
gnome keyring problems too many authentications
So I have a problem with how GNOME keyring works. I connect to a certain server internal Linux server using XRDP, the FROM server. When the resulting X Session loads - GNOME keyring loads ALL ssh keys....
- 101
0 votes
1 answer
102 views
Enable SSH login with password on MAAS deployed nodes\
I have provisioned few nodes with MAAS controller, Now I want to enable ssh login with password. Tried changing sshd config file but didnt worked. with ssh keys it works just fine.
- 57
1 vote
1 answer
453 views
Is there a way to set OpenSSH and MIT Kerberos on windows without PuTTY?
I need to connect through OpenSSH from Windows to a remote Linux server using a Kerberos ticket. I can: Connect to the account through SSH after getting a ticket on a cygwin64 terminal with a certain ....
- 11
0 votes
1 answer
360 views
Unifi Cloud Key Gen 1 SSH With Public Key Authentication
I'm trying to configure my Gen 1 Cloud Key (CK) to allow passwordless authentication so I can run a bash script to download autobackup files. I'm able to SSH into the CK "manually" and also ...
- 103
0 votes
1 answer
499 views
SSH host key rotation – known_hosts not updated
I created new host keys on serverA, updated sshd_config accordingly (adding the line below) and restarted ssh: cd /etc/ssh sudo ssh-keygen -f 2024_ssh_host_ed25519_key -t ed25519 -N '' sudo vi /etc/...
- 291
0 votes
1 answer
127 views
Cannot SSH compute engine VM because "gpasswd: /etc/group.3718: No space left on device"
I can't access SSH from anywhere, not able to auto create ssh user ssh key, so how can I free/cleanup my VM device space? trying access via serial port output
0 votes
1 answer
47 views
I'm getting a different server key when i try to log in to the same ip address using an alias
I logged into a remote server using my username via ssh using the ip address ssh user@ipaddress Got the following server key which is in my known_hosts file and in the server's public key file: ssh-...
3 votes
1 answer
530 views
How to select SSH key by fingerprint from ssh-agent, while using `IdentitiesOnly yes` option?
This would be useful in situations where: serving SSH keys via KeePass where there is no file path, and there are otherwise too many keys: as ssh tries all of them and some hosts are configured to ...
1 vote
0 answers
276 views
Revoking SSH certificates for per-user cert-authority
In OpenSSH, it's possible to grant access to an entire CA in a single user's authorized keys file using a cert-authority directive (reference). This means I can create my own CA and sign keys for all ...
- 227
1 vote
1 answer
846 views
How to configure SSH passwordless login authentication in local server
I hope you are well I have 2 servers set up at home (a raspberry pi with Ubuntu server and a laptop with Ubuntu Desktop) they are configured with password login and I have configured and enabled SSH ...
- 11
1 vote
1 answer
735 views
How do I enable Google Authenticator (TOTP) with SSH keys with a passphrase on Debian 12?
TL;DR: I ran google-authenticator when logged in as the root user. I should've run it as my normal user account instead. I have just installed Debian 12 on a spare Apple Mac Mini. I want to control it ...
- 21
0 votes
2 answers
624 views
Creating an ssh keypair for AWS Lightsail/EC2 instances doesn't work as expected
I've created a fair few SSH keypairs in my days but AWS seems to handle them differently. I'm using AWS Lightsail and it has a notion of 'default' keypairs. This is fine for the 'normal' user that AWS ...
1 vote
1 answer
732 views
Even if SSH is set up, it always asks for the password when logging into the server
I have an Ubuntu server. I use ssh to access it. It worked fine at first. When user@IP is given along with SSH key, it will log into the server without asking for password. But recently, even with SSH,...
0 votes
1 answer
691 views
ssh from CL using keyfile from Windows client to Linux server
This sort of thing drives me crazy - hopefully obvious solution(s). Have keys on Win 10 laptop, and on one of my Linux servers. If I use puTTY, where I can explicitly browse to the keyfile on the ...
- 151
3 votes
2 answers
8k views
userauth_pubkey: signature algorithm ssh-rsa not in PubkeyAcceptedAlgorithms after upgrade of OpenSSH
After an upgrade I can no longer log in to my box (FreeBSD 14.0) using RSA key getting: userauth_pubkey: signature algorithm ssh-rsa not in PubkeyAcceptedAlgorithms in /var/logs/auth.log on every ...
- 181
2 votes
0 answers
763 views
Server host key changing frequently
Im trying to connect to my ubuntu server via ssh from Windows. Unlike my another ubuntu server from same dedicated server hosting, the server host key changing frequently. I get WARNING: REMOTE HOST ...
- 21
0 votes
1 answer
164 views
Is there a solution to manage users in some systems or at least in linux?
I work somewhere with a lot of Linux and VPS servers. When someone joins the company, other staff members need to add his SSH key to each server; conversely, if someone leaves, all of his SSH keys ...
0 votes
0 answers
103 views
Custom Linux AMI: How does AWS know where to install account SSH .PEM files when an AMI is provisioned?
We are building a custom AMI from a template EC2 EBS instance snapshot (Oracle Linux 8). This page shows there are many different user names depending on the AMI you choose: https://docs.aws.amazon....
- 251
1 vote
1 answer
370 views
Remote Linux server GitHub permission denied publickey issues
I am experiencing publickey permission issues when trying to pull a private repo from GitHub to a remote Linux server. Update Ran ssh -v -o IdentitiesOnly=yes -i ~/.ssh/id_rsa [email protected] command ...
github
- 141
0 votes
0 answers
298 views
How safely obtain and check host public key for `known_hosts`?
For a newly deployed instance I get the following message for the first time SSH connection: The authenticity of host '[hostname] ([IP address])' can't be established. RSA key fingerprint is [key ...
- 238
10 votes
4 answers
7k views
How do I prevent users from messing with their own .ssh folder?
I'm administrating a RedHat server where users log in through SSH with private/pub key based authentication. I'd like to prevent them from accidentally changing / deleting /chmoding the content of ...
- 203
6 votes
2 answers
3k views
How to prevent OpenSSH from creating a new known_hosts file every time it updates it?
It seems that every time I accept a new host key, ssh (I've tested 8.6p1 and 9.3p2) does the following steps: Move the known_hosts file to known_hosts.old; Create a new known_hosts file; Copy the ...
- 173
1 vote
0 answers
283 views
Can not SSH to GUI Ubuntu on Login Screen
I have a laptop with Ubuntu installed, and I've set up SSH using a key, and everything was working fine (I could SSH into the laptop from another computer). Then, I rebooted the laptop, and on the ...
- 11
1 vote
2 answers
3k views
How to remove all lines with the same public key from known_hosts?
Let's imagine the following scenario. I have an host key ABCDEF1234 for a given hostname, so my known_hosts file looks like this (unhashed version): example.com ssh-rsa ABCDEF1234 Now I connect to it,...
- 242
0 votes
1 answer
167 views
Home directory, user database and key-based authentication
I want to share it NFS share with my users just like the home-directories (traditional way), but I don't want to create the users instead I want to get the server integrated with the github or google ...
- 115
-2 votes
2 answers
354 views
the theory of SSH public and Private key and its application in realworld machines [closed]
there. In this question, I have a very specific one about public and private keys. So Public keys should be put on the opposite side. For example, if we have a server, the public key of the server ...
- 3
3 votes
1 answer
985 views
SSH tries other keys despite specifying a key with -i option
For the same user, I have two keys on the local machine. On the remote server, both keys are in the authorized_keys file. I delete one of the keys in the authorized_keys file. I then try to ssh with ...
- 435
0 votes
2 answers
1k views
How does SSH host verification for github.com provide any value?
Running git clone [email protected]/repo.git warns me of a potential man-in-the-middle attack when GitHub change their SSH key, and that's cool. I then get the new key by running ssh-keyscan -t rsa ...
- 101
0 votes
0 answers
332 views
Linux server ssh connection wont authenticate my account using ssh key gen and prompts me for password
I am facing an issue in Ubuntu 22.04.2. where I am unable to SSH into a remote server using a copied public key. I have generated an SSH key pair on my local machine using a bash terminal, and I have ...
- 1
1 vote
1 answer
14k views
What is the host key (the one from ssh connection) and how is it different from public-private key pair?
The situation is that I've had a VPS created previously. It was all set up, private-public key authentication, root login turned off, password login turned off. Everything was set up. Then this server ...
- 197
6 votes
1 answer
25k views
What is the meaning of this line from ssh output: 'Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling'?
Everything works, ssh connects using private-public ssh key pair. Just few things in ssh -v Ora2 output isn't clear for me. This is complete ssh -v Ora2 output: PS C:\Users\roeslermichal> ssh -v ...
- 197
0 votes
1 answer
2k views
Permission denied (publickey) error when managing GCP machine via Ansible (running on GCP VM) despite successful SSH connection
I deployed two machines to GCP via Terraform. Let's call them control-host and target-host. I want to manage the target-host via Ansible installed on the control-host. Unfortunately, I keep getting ...
4 votes
2 answers
4k views
Why I can not ssh to my Vagrant host? [email protected]: Permission denied (publickey)
I created 5 VMs for my project vagrant status Current machine states: master-1 running (virtualbox) master-2 running (virtualbox) master-3 running (...
- 379
0 votes
1 answer
86 views
SSH key for 2 client users to 1 server user
If this is a duplicate, I'm sorry. I have searched my case but I couldn't find the right scenario that resembles my situation, although I thought that this situation must have come up before for ...
- 35
1 vote
1 answer
967 views
Validate all public keys in authorized_file
In my authorized_file i have multiple public keys against one private key. Now i want to add a task in ansible which will validate that all public keys are valid keys and good for connection. My aim ...
- 11
3 votes
2 answers
2k views
Avoid SSH AgentForwarding of incompatible keys
Good morning, I have one ed25519-sk key (using a hardware token), which I need only on my personal machine for some high security servers (all Debian). This key type is supported by OpenSSH 8.3+. We ...
- 555
0 votes
1 answer
912 views
sshd not providing ecdsa/ed25519 host key algos
we have setup'd a bastion that only responds with the ssh-rsa host key algorithm when querying: ssh-keyscan bastion.ops.dev.xxx.com # bastion.ops.dev.xxx.com:22 SSH-2.0-OpenSSH_7.4 # bastion.ops.dev....
- 133
4 votes
1 answer
10k views
Adding my SSH key to new user with only SSH access through key
I'm quite new to this, and I've looked through questions but haven't found one that quite matches my problem, or rather I didn't sufficiently understand them to be able to solve this issue. I have a ...
- 143
1 vote
0 answers
2k views
ssh illegal option while trying to connect to remote server
trying to ssh from my macbook pro, to a remote server, ssh ayan@ServerIPAddress gives the following error ssh: illegal option -- ? usage: ssh [-46AaCfGgKkMNnqsTtVvXxYy] [-B bind_interface] ...
- 111
0 votes
1 answer
533 views
Needs a clarification for the ssh-copy-id command
Say I have two computers connected to the same Wifi network. Let's call them computer-A & computer-B. I am using computer-A, I can ping computer-B without issues. Now, on computer-A, I have ...
- 101