I am trying to connect a Linux machine from Windows using passwordless SSH connection. I generated the keys using PuTTYgen in the Windows machine and copied the keys to the Linux machine appropriately.
From the command prompt of windows I could access passwordless using the below command:
ssh user#ipaddress
When I use Plink, if I issue the below command the passwordless connection is going through:
plink user#ipaddress -i <path to private ppk>
My question here is: in case I use plink -batch option, where does the private key file will be picked from if I don't mention -i option?
In other words, which is the default location of ppk file which Plink is looking for?
For example:
plink -batch user#ipaddress
Plink does not have any default location for private keys.
What you should do instead, is load the private key into Pageant (PuTTY authentication agent).
Related
I had been using VSCode's remote-ssh to access my virtual machines running on google cloud. This had been working perfectly fine until I made a snapshot of my most recent instance and created a new instance out of this on a larger VM. Now when I try to connect (through any method) I get: " Permission denied (publickey).". I have spent countless hours deleting and re-adding, and recreating my ssh keys to no avail. Before I simply ran "gcloud compute config-ssh" and this created a working config file, but now this works. Please help, I have tried everything and there is simply no way for me to ssh. On the website I can click the ssh button to open up their shell, but cannot do it from my terminal
The problem may be related to the lack of identification of your SSH private key during connection in VSCode. You can indicate your private key adding IdentityFile option pointing to your SSH private key, this in your SSH connection host entries in SSH configuration files:
Host vm_name
HostName external_ip
IdentityFile /path/to/ssh_private_key
Port port_number
Here the long story if you or someone need more information.
You can go from the start for ensure that you do no have compromise your SSH keys and that is the origin of problem.
Create SSH Key
First, create new ssh keys.In the computer that you will use to access your remote host, that is Google VM instance, open your terminal or cmd and go to the ssh folder to generate the keys.
My ssh config and keys are under my user directory, /home/my_user/.ssh on Linux or C:\Users\my_user\.ssh on Windows.
The I will cd to one of these path, depending on for which of them I using at the moment.
Linux:
cd /home/my_user/.ssh
Windows:
cd C:\Users\my_user\.ssh
Command to generate SSH key
ssh-keygen -t rsa -f my_ssh_key -C user
my_ssh_key: the name your key, you can put what you want to better identify
user: must be the user that you want to use to connect at your Google VM instance.
This will generate an Private Key named my_ssh_key and a Public key named my_ssh_key.pub.
Alternatively, stay in any location of operating system and passing the absolute path where to generate the keys:
Linux:
ssh-keygen -t rsa -f /home/my_user/.ssh/my_ssh_key -C user
Windows:
ssh-keygen -t rsa -f C:\Users\my_user\.ssh\my_ssh_key -C user
Copy the public key in your Google cloud VM authorized_keys file
/home/my_user/.ssh/authorized_keys
** Do not rewrite anyone public key that already exists jus append in the file of authorized_keys file.
Add new ssh Host entry for remote connection
Click on Remote SSH manager, the icon at the bottom right of the VS Code, click on the Remote SSH: Open Configuration File option and choose your ssh configuration file to add another SSH entry for remote connection.
The config file must be under SSH directory, the same path used in the step of generate SSH keys.
Linux:
/home/my_user/.ssh/config
Windows:
C:\Users\my_user\.ssh\config
To add another Host, write the following make the properly changes:
Host vm_name
HostName external_ip
IdentityFile /path/to/ssh_private_key
Port port_number
vm_name: is alias to connect with ssh command in practical way, could be what you want.
external_ip: the external of your Google VM instance, you can get in the VM instances panel at https://console.cloud.google.com/
IdentityFile: the path for yout private SSH key, the file that you generated that note have .pub extension.
Linux:
/home/my_user/.ssh/my_ssh_key
Windows:
C:\Users\my_user\.ssh\my_ssh_key
Port: the por number of SSH of your Google VM instance, 22 is the default port.
Now it is just choose this host to connect to your Google VM instance.
For more details about SSH settings on Google Cloud Platform: https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys#linux-and-macos_1
i have a server which is access remote connection only with SSH key auth
i have a key which is stored in my home directory with .pem extension
but when im trying to copy file using the scp command
scp /home/myfilewhichiwannatocopy core#54.32.14.156:/home/core the server asks for password but i don't have it ( btw normal connection using the ssh -i /.ssh/mg.service.pem core#54.32.14.156 fully works) and how to make the scp command for using the key auth?
scp -i /path/to/key.pem somefile.txt user#<machine>:/path
Might I also add, you can consult the man pages https://linux.die.net/man/1/scp
My ultimate goal is to use MyEnTunnel to set up a tunnel between a Windows server at location A, and a BSD machine at location B so that I can access a database server running at location B locally at A. (localhost:3054 ======> bsdmachine:3050) MyEnTunnel is essentially a Windows Service wrapper for plink.
We use a private key for ssh access at location B. PuttyGen was used to convert the private key into a .ppk file to be compatible with putty, plink, etc. Putty connects to the BSD machine using the .ppk with no problems whatsoever.
I copied the command line string MyEnTunnel is using to establish the connection, pasted it into a directory with the latest version of putty, plink, etc. (in case MyEnTunnel's plink.exe is outdated), and it still failed.
plink.exe 192.168.0.233 -N -ssh -2 -P 916 -l "root" -C -i "keyfile.ppk" -L 3054:192.168.0.208:3050
The BSD machine has several jails running; 1.233 is the host, and accepts SSH connections. 1.208 is a jail with a server listening to 3050, and will not accept ssh connections.
I use tunnels so rarely, I always forget the proper order of things, and when I'm supposed to ur -R and -L, so I tried the 16 possibilities. ;-) I then started plink with the bare options:
plink.exe 192.168.0.233 -N -ssh -2 -P 916 -l "root" -i "keyfile.ppk"
Putty, with these settings, connects without a hitch. Plink reports:
Using username "root".
And proceeds to do nothing forever.
What am I doing wrong, and what would establish the tunnel with the local listening port 3054, and the target port 3050 at 192.168.0.208?
You used the -N flag, this makes it run on the background. If you add the -v flag you can see all the activity of the forward/tunnel.
I had an existing opensuse 64 bit machine which i exported using
vagrant package --base opensuse64 --output opensuse.box
After creating box I created another folder 'package-test' and copied the created box file there. Then I used
vagrant init opensuse opensuse.box
and then
vagrant up
but I am unable to connect to it via ssh.
Am I doing something wrong?
Thanks
To make vagrant ssh work, your OpenSUSE VM has to be configured for Public Key Authentication using Vagrant's key pair.
If you want to use password authentication, you'll have to specify the ssh port and use username/password known to you.
NOTE: If this is a vagrant base box, by default you can login as vagrant/vagrant with sudo privilege, as per the packaging guide.
If you want to use your own key pair, you can copy the public key and add it to the VM's ~/.ssh/authorized_keys.
Examples
Manual (1 liner)
cat /path/to/vagrant.pub | ssh user#host 'cat >> ~/.ssh/authorized_keys'
Use ssh-copy-id
# -i defaults to ~/.ssh/id_rsa.pub
ssh-copy-id user#host
# custom pub key
ssh-copy-id -i vagrant.pub user#host
NOTE: make sure ~/.ssh and ~/.ssh/authorized_keys in the VM have proper permission.
I generated a keys with putty w/ no passphrase. putty works fine, but now i installed cygwin and would like to use ssh to login. For some reason i'm prompted for a passphrase? why? putty just logs straight in? i don't want to have to generate a new key and annoy the network admins. here is what it looks like in cygwin:
$ ssh -i Documents\ and\ Settings/xxxxx/My\ Documents/xxxxx\ putty\ keys/private\ key.ppk dev.xxxxxx.com
Enter passphrase for key 'Documents and Settings/xxxxx/My Documents/xxxxx putty keys/private key.ppk':
Permission denied (publickey).
Putty uses its own .ppk format for keyfiles, and Cygwin's ssh probably can't read them correctly.
Solution: convert the .ppk file to OpenSSH key format with puttygen.exe.
You need to get "puttygen.exe" from the putty webpage http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html to convert your key to the OpenSSH format. Then it should just work.
If you can login with putty, there is no need to "annoy the network admins". Just generate a new key with cygwin, then login with putty and place your new public key in your .ssh/authorized_keys file. You should now be able to login with cygwin's ssh.
EDIT:
By the way, a sure way to "piss off" any admin is to use unencrypted keys.
You can export PuTTY keys to OpenSSH format and append them to your .ppk file, so that it becomes a valid key for ssh-add.
Just export the private key with PuTTYGen then add it to the .ppk file, then you should be able to ssh-add it. But note that when you edit the .ppk itself with PuTTYGen, it will ovewrite the file.
You can also use a script like this for adding a .ppk file into your SSH agent:
file=~/`basename $0`.tmp
trap "rm -v $file" EXIT
echo -n "Password: "
read -s pwd
echo $pwd | puttygen -P -q -O private-openssh $1 -o $file
ssh-add $file
Source: http://bazaar.launchpad.net/~renatosilva/+junk/scripts/view/head:/ppk-add.sh