I am trying to host private composer repository with satis (http://getcomposer.org/doc/articles/handling-private-packages-with-satis.md)
It works fine through http protocol.
I want to secure it with ssh connection as described in security section (http://getcomposer.org/doc/articles/handling-private-packages-with-satis.md#security)
But having errors when connecting with ssh2.sftp:// protocol.
Composer\Downloader\TransportException]
The "ssh2.sftp://192.168.10.30/packages.json" file could not be downloaded: Error starting up SSH connection(-43): Failed getting banner
failed to open stream: operation failed
I have already generated key pair
I added pub key to authorized_keys file on satis server.
I can connect with ssh to satis server without entering pass, so keys are working.
What i am missing or doing wrong?
UPDATE
Also i had installed ssh2 module extention. It appears on output of the command php -m | grep ssh2
Found solution myself:
I was using ssh key pair with password. Apparently ssh2.sftp do not like this. Generated new key pair without password.
Secondly need to use full path from root directory. For example:
ssh2.sftp://192.168.10.30/home/[username]/path/to/location/packages.json
source: http://us3.php.net/manual/en/function.ssh2-sftp.php#94651)
Related
I'm trying to setup a release pipeline to copy files over to a linux server via ssh. However when I try to run the release I get the following error during the copy task:
Failed to connect to remote machine. Verify the SSH service connection details. Error: Cannot parse privateKey: Unsupported key format.
I've tried generating the key multiple times with ssh-keygen -t rsa and uploaded or copied the contents of the private key directly into the Private Key text area in the service connection. All to no avail.
It seems like I'm missing something simple as I can't find much mention of others having issue with this.
According to this issue description one should disable preview features of service connections in Azure DevOps. Then edit your SSH Service connection and instead of pasting key source it should possible to upload a key file. This way there is no Cannot parse privateKey error.
Please use ssh-keygen -m PEM -t rsa -b 2048 to generate your keys (the PEM format is required). Additionally, when I didn't specify bits with the -b option Azure told me the key file was too long.
I can connect using these credentials through ftp but not through ssh.
Timothy#ement MINGW64 ~
$ ssh timothy#mywebsite.com
ssh: connect to host mywebsite.com port 22: Connection timed out
I'm sure this question has been asked a million times before. Does it have anything to do with ssh keys?
I'm using siteground and in the ssh/shell access area i've added this:
t r timothy#mywebsite.com KtV/T4QvP4K9n7Zki9n+ZWp6 0.0.0.0/0 - ALL Remove Key | Add IP | Private Key
any help would be appreciated. Thank you.
Does it have anything to do with ssh keys?
Yes: see the official SiteGround documentation How to use SSH.
you need to enable ssh access and register your public ssh key.
then you can use ssh (provided in your <path-to-git>/usr/bin) in order to access
ssh -p18765 <user>#yourdomain
SiteGround chooses to run its sshd on port 18765, not the default 22.
The siteground tutorials are junk, two out of the three chat support staff I spoke with just referred me to the tutorials when I was attempting to make a connection to my siteground server over ssh.
These are the steps that finally worked:
From the cPanel Advanced section select SSH/Shell Access
Generate a new key using their utility (make note of the password you used for later use).
*** They have a tutorial that should allow you to create a private key on linux then upload the public key to their site. That is "not recommended" and I was unable to get that to work.
Once you have their key listed in the current keys table click the Private Key link
Copy the Private Key to a file in your local .ssh directory (make sure the mask is 0600)
run the following command:
ssh-add
enter the passphrase you used when generating the key using their utility
If you get a response "Identity added: ..." you are all set
you should now be able to use the command:
ssh # -p18765
It doesn't look like they have X11 forwarding enabled though so if you use ssh -X you will get:
X11 forwarding request failed on channel 0
I want to be able to execute shell commands on remote nodes using Rundeck and I found this video that explains how to do that but I don't understand the private-key part and how to configure it. I keep getting the following error:
Authentication failure connecting to node: "test-001". Make sure your
resource definitions and credentials are up to date. Failed:
AuthenticationFailure: Authentication failure connecting to node:
"test-001". Make sure your resource definitions and credentials are up
to date.
I have a remote server set up and I configured the resource.xml file like the following:
<node name="test-001" description="demo for test" tags="demo" hostname="10.10.10.10:22" osFamily="unix" osName="Linux" osVersion="2.6.32" username="demo" />
Do I need to add the ssh-key value to the xml file? If so, do I have to copy the public or private keys from the Rundeck server to the host server?
Also, the username demo has a password too, so how can I define it?
Rundeck host server connects to the node by means of private key authentication which is exactly similar to SSH private key authentication. Follow these steps to add a node to your server rundeck.
Open up the resources.xml file and add the following.
<node name="rundeck node2" description="Rundeck node2" tags="node2" hostname="10.1.0.1" osArch="amd64" osFamily="unix" osName="Linux" osVersion="3.11.10-03111015-generic" username="leo" ssh-keypath="/var/lib/rundeck/node2.key"/>
You can change the SSH user name in node and private key file name. In addition to that, you can change all the other naming parameters too like node name and tags etc.
Now get into your node server.
Create a ssh user, here its leo
switch to user leo. Generate a SSH key
ssh-keygen
Append the public key to authorized_keys
leo#c1a5f48a6c4c:~/.ssh$ pwd
/home/leo/.ssh
leo#c1a5f48a6c4c:~/.ssh$ cat id_rsa.pub >> authorized_keys
leo#c1a5f48a6c4c:~/.ssh$ chmod g-w authorized_keys
Copy the private key
leo#c1a5f48a6c4c:~/.ssh$ cat id_rsa
Save the private key to the file "/var/lib/rundeck/node2.key" on rundeck host. Now the authentication is okay and ready to execute adhoc commands from rundeck dashboard
Documentation is fairly all over the place with different versions having different keywords and there being no warnings in case you are using the wrong one.
The relevant documentation is here:
https://docs.rundeck.com/2.11.3/plugins-user-guide/ssh-plugins.html
You need to specify:
ssh-authentication: privateKey
...and:
ssh-keypath: /path/directly/to/.ssh/id_rsa
(Assuming you are using filesystem key storage.)
Remove passphrase from your keys with:
ssh-keygen -p -m PEM -f /path/to/your/.ssh/id_rsa
...and do not forget to mke sure the id_rsa file is owned by rundeck and has suitably restricted permissions.
In my case I had a passpharse in my private key. Make sure your private key passpharse is empty.
So I am working with Jenkins and I need to use the Jenkins CLI, but I cannot get the authentication figured out.
I was following their rather short description here: https://wiki.jenkins-ci.org/display/JENKINS/Jenkins+CLI which said I need to convert my .ppk file from Putty into openssh format. They link you to this post here How to convert SSH keypairs generated using PuttyGen(Windows) into key-pairs used by ssh-agent and KeyChain(Linux) and I followed those instructions and tried with the file it generated, but I end up with a file that is a single line and looks like:
ssh-rsa [KEY]
When I use this file with the Jenkins CLI I get this error:
Exception in thread "main" java.io.IOException: Invalid PEM structure, '-----BEGIN...' missing
at com.trilead.ssh2.crypto.PEMDecoder.parsePEM(PEMDecoder.java:138)
at com.trilead.ssh2.crypto.PEMDecoder.decode(PEMDecoder.java:313)
at hudson.cli.PrivateKeyProvider.loadKey(PrivateKeyProvider.java:143)
at hudson.cli.PrivateKeyProvider.loadKey(PrivateKeyProvider.java:126)
at hudson.cli.PrivateKeyProvider.readFrom(PrivateKeyProvider.java:107)
at hudson.cli.CLI._main(CLI.java:440)
at hudson.cli.CLI.main(CLI.java:387)
I am really not familiar with ssh keys at all and have been searching around for a while with no luck. Can anyone instruct me on how to get my .ppk file into the correct format to use with the Jenkins CLI? Thanks!
You have to generate a public SSH key on your machine and to declare this SSH key on your Jenkins server.
To generate a public key on your machine (with no passphrase):
ssh-keygen -t rsa
The default location for your public key is:
/Users/your.user/.ssh/id_rsa.pub
Copy your public SSH key (ssh-rsa XXXXXXXX your.email#domain.com).
Next, go on your Jenkins server and edit your Jenkins user information (via the top right corner, by clicking on your username).
Go to the "SSH Public Keys" section and paste your public key.
You should be able to access your Jenkins server with the CLI.
I've tested this configuration on my Jenkins server and it works.
brunolavit#MBP ~/Downloads$ java -jar jenkins-cli.jar -s http://myjenkinsserver.mydomain.com:8080/ version
1.577
I'm trying to setup Pycharm such that my local changes are automatically deployed to a remote server.
I can ssh remoteserver and also sftp remoteserver from the terminal so access is not an issue. But if I try to setup deployment in Pycharm using SFTP, it can't establish the connection.
My best guess is that it's an authentication issue. When running the ssh or sftp commands separately, I've never needed to enter a username or password, so I suppose the auth is happening via Private Key. But the problem is that I'm not sure where the Private Key actually is (I'm in an unfamiliar dev environment).
So either
How do I know which Private Key I'm using when running ssh or sftp?
Any other way to resolve the problem.
Thanks!
As to (1), the SSH man page says (under the -i option) "The default is ~/.ssh/identity for protocol version 1, and ~/.ssh/id_rsa and ~/.ssh/id_dsa for protocol version 2. Identity files may also be specified on a per-host basis in the configuration file."
The configuration file is ~/.ssh/config, and the key file for a particular host is specified with IdentityFile.
You can also run ssh with -vvv parameter. The location of the private key file will be printed out (if key authentication is used).