This is the first time I'm doing this. I generated a key on my Mac and I have id_dsa, id_dsa.pub. I imported public key into my cPanel. After reading a few tutorials and blogs I'm still lost. How can I connect to my server from this point?
To connect, you would do this: ssh -l yourusername the.server.address from Terminal.
For instance, your username is kira, and your server is my.server.net:
ssh -l kira my.server.net
You will be prompted for your password, and the you're in (provided you enter a correct password of course)
Related
I am trying to SSH into the server as part of the deployment job in CircleCI
ssh -oStrictHostKeyChecking=no $DEV_DROPLET_USER#$DEV_DROPLET_IP
I have my SSH private key for the user on this server loaded into CircleCI but everytime I run the job, I get this output
Warning: Permanently added '$host' (ECDSA) to the list of known hosts.
<$user>#<$host>'s password:
How can I stop it prompting me for the password?
I have added the SSH key for this user to the SSH Agent on the server (these instructions)
For a passwordless ssh connection, you must:
put the private ssh key into a file in the directory $HOME/.ssh/ on the client computer connecting to the server (example : $HOME/.ssh/MyServer)
copy the public ssh key into the file $HOME/.ssh/authorized_keys on the server
have writing permission on the file $HOME/.ssh/known_hosts on the client computer
The sshd service is normally already configured to accept key based authentication.
From the client computer, you can now do a passwordless connection ssh -i $HOME/.ssh/MyServer $DEV_DROPLET_USER#$DEV_DROPLET_IP
Of course, on the client computer your $DEV_DROPLET_USER must have appropriate permissions for accessing the ssh related files.
You don’t need to do anything with the ssh agent, on the client or on the server.
Late reply, but I hope it helps somebody else in the future.
Assuming you followed these instructions in the CircleCI docs, then the private key will automatically be copied to the machine being used by CircleCI when the add_ssh_keys step is run.
Make sure one the server you are trying to SSH into, the public key generated (in ~/.ssh/id_rsa.pub or something similar) is copied to the ~/.ssh/authorized_hosts file on the same server. This crucial step is what allows anybody with the private key (CircleCI) to be allowed into the server.
I can connect using these credentials through ftp but not through ssh.
Timothy#ement MINGW64 ~
$ ssh timothy#mywebsite.com
ssh: connect to host mywebsite.com port 22: Connection timed out
I'm sure this question has been asked a million times before. Does it have anything to do with ssh keys?
I'm using siteground and in the ssh/shell access area i've added this:
t r timothy#mywebsite.com KtV/T4QvP4K9n7Zki9n+ZWp6 0.0.0.0/0 - ALL Remove Key | Add IP | Private Key
any help would be appreciated. Thank you.
Does it have anything to do with ssh keys?
Yes: see the official SiteGround documentation How to use SSH.
you need to enable ssh access and register your public ssh key.
then you can use ssh (provided in your <path-to-git>/usr/bin) in order to access
ssh -p18765 <user>#yourdomain
SiteGround chooses to run its sshd on port 18765, not the default 22.
The siteground tutorials are junk, two out of the three chat support staff I spoke with just referred me to the tutorials when I was attempting to make a connection to my siteground server over ssh.
These are the steps that finally worked:
From the cPanel Advanced section select SSH/Shell Access
Generate a new key using their utility (make note of the password you used for later use).
*** They have a tutorial that should allow you to create a private key on linux then upload the public key to their site. That is "not recommended" and I was unable to get that to work.
Once you have their key listed in the current keys table click the Private Key link
Copy the Private Key to a file in your local .ssh directory (make sure the mask is 0600)
run the following command:
ssh-add
enter the passphrase you used when generating the key using their utility
If you get a response "Identity added: ..." you are all set
you should now be able to use the command:
ssh # -p18765
It doesn't look like they have X11 forwarding enabled though so if you use ssh -X you will get:
X11 forwarding request failed on channel 0
I'm sorry to have to ask this question, but I feel like I've tried every answer so far on SO with no luck.
I have my local machine and my remote server. Jenkins is up and running on my server.
If I open up terminal and do something like scp /path/to/file user#server:/path/to/wherever then my ssh works fine without requiring a password
If I run this command inside of my Jenkins job I get 'Host Key Verification Failed'
So I know my SSH is working correctly the way I want, but why can't I get Jenkins to use this SSH key?
Interesting thing is, it did work fine when I first set up Jenkins and the key, then I think I restarted my local machine, or restarted Jenkins, then it stopped working. It's hard to say exactly what caused it.
I've also tried several options regarding ssh-agent and ssh-add but those don't seem to work.
I verified the local machine .pub is on the server in the /user/.ssh folder and is also in the authorized keys file. The folder is owned by user.
Any thoughts would be much appreciated and I can provide more info about my problem. Thanks!
Update:
Per Kensters suggestion I did su - jenkins, then ssh server, and it asked me to add to known hosts. So I thought this was a step in the right direction. But the same problem persisted afterward.
Something I did not notice before I can ssh server without password when using my myUsername account. But if I switch to the jenkins user, then it asks me for my password when I do ssh server.
I also tried ssh-keygen -R server as suggested to no avail.
Try
su jenkins
ssh-keyscan YOUR-HOSTNAME >> ~/.ssh/known_hosts
SSH Slaves Plugin doesn't support ECDSA. The command above should add RSA key for ssh-slave.
Host Key Verification Failed
ssh is complaining about the remote host key, not the local key that you're trying to use for authentication.
Every SSH server has a host key which is used to identify the server to the client. This helps prevent clients from connecting to servers which are impersonating the intended server. The first time you use ssh to connect to a particular host, ssh will normally prompt you to accept the remote host's host key, then store the key locally so that ssh will recognize the key in the future. The widely used OpenSSH ssh program stores known host keys in a file .ssh/known_hosts within each user's home directory.
In this case, one of two things is happening:
The user ID that Jenkins is using to run these jobs has never connected to this particular remote host before, and doesn't have the remote host's host key in its known_hosts file.
The remote host key has changed for some reason, and it no longer matches the key which is stored in the Jenkins user's known_hosts file.
You need to update the known_hosts file for the user which jenkins is using to run these ssh operations. You need to remove any old host key for this host from the file, then add the host's new host key to the file. The simplest way is to use su or sudo to become the Jenkins user, then run ssh interactively to connect to the remote server:
$ ssh server
If ssh prompts you to accept a host key, say yes, and you're done. You don't even have to finish logging in. If it prints a big scary warning that the host key has changed, run this to remove the existing host from known_hosts:
$ ssh-keygen -R server
Then rerun the ssh command.
One thing to be aware of: you can't use a passphrase when you generate a key that you're going to use with Jenkins, because it gives you no opportunity to enter such a thing (seeing as it runs automated jobs with no human intervention).
The target server is a relatively clean install of Ubuntu 14.04. I generated a new ssh key using ssh-keygen and added it to my server using ssh-copy-id. I also checked that the public key was in the ~/.ssh/authorized_keys file on the server.
Even still, I am prompted for a password every time I try to ssh into the server.
I noticed something weird however. After I log into my first session using my password, the next concurrent sessions don't ask for a password. They seem to be using the ssh key properly. I've noticed this behaviour on two different clients (Mint OSX).
Are you sure your SSH key isn't protected by a password? Try the following:
How do I remove the passphrase for the SSH key without having to create a new key?
If that's not the case, it may just be that ssh is having trouble locating your private key. Try using the -i flag to explicitly point out its location.
ssh -i /path/to/private_key username#yourhost.com
Thank you Samuel Jun for the link to help.ubuntu.com - SSH Public Key Login Troubleshooting !
Just a little caveat:
If you copy your authorized keys file outside your encrypted home directory please make sure your root install is encrypted as well (imho Ubuntu still allows for unencrypted root install coupled with encryption of the home directory).
Otherwise this defeats the whole purpose of using encryption in the first place ;)
If this is happening to you on Windows (I'm on Windows 10)
Try running the program that you're trying to connect via ssh to the server as administrator.
For me I was using powershell with scoop to install a couple of things so that I could ssh straight from it. Anyway... I ran PowerShell as admin and tried connecting again and it didn't ask for my password.
For LinuxSE
Check the SE context with
% ls -dZ ~user/.ssh
Must contain unconfined_u:object_r:ssh_home_t:s0
If not, that was the problem , as root run
# for i in ~user/.ssh ~user/.ssh/*
do
semanage fcontext -a -t ssh_home_t $i
done
# restorecon -v -R ~user/.ssh
It looks like it's related to encryption on your home directory and therefore the authorized_keys file cannot be read.
https://unix.stackexchange.com/a/238570
Make sure your ssh public key was copied to the remote host in the right format. If you open the key file to edit it should read 1 line.
Basically, just do ssh-copy-id username#remote. It will take care of the rest.
It will be helpful if somebody could tell me how to connect to a unix server using username and password as arguments.my username and password is "anitha".
How can i create a shell script which automatically connect to my unix server with this username and password?
I guess you want to remotely connect to your *nix server from network. Base on my guess, to:
connect to remote *nix server, everybody is using SSH
ssh anitha#anitha ip-to-unix-server
automatically connect, write simple bash shell wrap around your ssh connect command and do something, not suggested, you should use ssh password less login (aka public/private key)
#!/usr/bin/env bash
ip=172.16.0.1 #replace 172.16.0.1 with your unix server's ip
username=anitha #your ssh username
password=anitha #your ssh password
command=who #what do you want to do with remote server
arguments= #arguments for your command
expect -c 'spawn ssh $username#$ip ; expect password ; send "$password\n" ; interact'
connect without typing password, you may need to use SSH password less login
Use sshpass if you really need to use non-interactive keyboard-interactive authentication (pun intended) or better switch to using pubkey-based authentication.
Note that passing the password in clear to the ssh client is very lame as the password gets exposed in the publicly-readable process list where it can be read by anyone. sshpass works around this problem by creating a pseudo-terminal and communicating with the ssh client using it, so at least the password is not exposed at runtime.
Step 1:
jsmith#local-host$ [Note: You are on local-host here]
jsmith#local-host$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/jsmith/.ssh/id_rsa):[Enter key]
Enter passphrase (empty for no passphrase): [Press enter key]
Enter same passphrase again: [Pess enter key]
Your identification has been saved in /home/jsmith/.ssh/id_rsa.
Your public key has been saved in /home/jsmith/.ssh/id_rsa.pub.
The key fingerprint is:
33:b3:fe:af:95:95:18:11:31:d5:de:96:2f:f2:35:f9 jsmith#local-host
Step 2:
From Local-host, run this One liner for password less ssh connectivity.
cat ~/.ssh/id_dsa.pub | ssh useronanotherserver#anotherservername 'cat >> ~/.ssh/authorized_keys'
You should use expect, which is an extension of tcl that was made specifically for automating login tasks.
Basic ssh login question: could not able to spawn(ssh) using expect
How to interact with the server programattically after you have established the session: Expect Script to Send Different String Outputs