Problem With Key Authentication

Am trying to set up SSH key authentication with my new VPS.

When I use CyberDuck to log in to my VPS, the "fingerprint" is not matching the one that was created when my keys were created and the connection is failing.

I am wondering if the problem is due to the fact that I ran ssh-keygen on my MacBook and then copied and pasted the Public Key into a webform in cPanel?

While my host allows you to generate the key pair on the VPS, it creates a security issue in that I would then have to find a safe way to get my Private Key back to my MacBook.

So, instead, I opted for the opposite approach and chose to create the key pair on my Mac - thus leaving the Private Key untouched on my Mac.

Any idea what is going on?


Rob


Similar Content



Managing Keys For Multiple Hosts?

I set up public key authentication between my MacBook and and VPS for added security and convenience when I SFTP things to my VPS.

Now I have some new clients who want me to manage their websites, and I want a similar set up for each client.

Do I need a public/private key pair for each client?

How can I be sure that whatever I do in my SFTP client doesn't put the other accounts - particularly my own VPS - at risk?

Thanks,


Rob

Downloading With SSH

So I was able to successfully install CyberDuck on my MacBook and configure it with my VPS using SSH Authentication Keys and a Passphrase on my Private Key.

It seems to be working well, and I feel like I can trust it when uploading files to my VPS.

But what about downloading?

This may sound dumb, but I am not entirely sure how to securely download things (e.g. Server Backups) from my VPS to my MacBook using CyberDuck...

Sincerely,


Rob

Centos 7 Public And Private Keys...

hi people,

i reinstalled my server with centos 7 to get familiar with it...

i have a laptop that im using cygwin on to ssh into the centos 7 server.

i ran ssh-keygen -t rsa on the server and now in .ssh i have a public and private key created.

i copied the public key from the server to my C:\cygwin64\home\Administrator\.ssh\known_hosts file

now when i input:
ssh userontheserver@serversip

it asks for the passphrase which i created when i did the keygen
on the server

when i put the passphrase in it says permission denied
and returns me to the command line

what am i doing wrong?

do i have the steps correct?

am i right in saying that you need to have the servers public key in your known_hosts file on the client computer to get communication working?

Need Help With SSHD

I have been asked to setup an SFTP which uses RSA public key authentication.

AS it was already in use I have opted to use CygWin and I can get it to work with passwords fine.

we are going to be hosting the SFTP server with users from the clients office connecting to it. The client has sent me their public key.

Having done LOts of reading and even more attempting to configure the server I just cant get it to work. Most of thetime I get..
ebug1: Host '127.0.0.1' is known and matches the ECDSA host key.
debug1: Found key in /home/ColoniAdmin/.ssh/known_hosts:1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /home/ColoniAdmin/.ssh/id_rsa
debug1: Trying private key: /home/ColoniAdmin/.ssh/id_dsa
debug1: Trying private key: /home/ColoniAdmin/.ssh/id_ecdsa
debug1: Trying private key: /home/ColoniAdmin/.ssh/id_ed25519
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: No more authentication methods to try.
Permission denied (publickey,keyboard-interactive).

I have once managed to get it to the point of asking for a passphrase for the private key but I don't have a private key (that I know of) just the public key the client sent us. and I certainly don't want to have to use passphrases

Their public key is in the authorized_key file on our server within the .ssh folder of their home folder. I have amended paswd and sshd_config to set home location and to allow RSA authentication.

All and any advice is super welcome, I have been doing this for 2 weeks now and i just wont work.

HELP HELP HELP!!!!!! ;-)
Thanks

Finally Got SSH Keys To Work, Had To Use A Different Command...WHY?

For the last few weeks I've been trying to setup SSH keys from my main Linux server to all of the other Linux servers that I use.

I'm using the HOWTO here

http://unix.stackexchange.com/questi...authentication

It didn't work. It was still asking for a password or the pass phrase.

So...I did my troubleshooting he

http://unix.stackexchange.com/questi...authentication

In the end, I deleted all of the public/private keys and did the following steps:

ssh-keygen (not specifiying a rsa key)

and then to copy over the key I did the following ssh-copy-id username@xx.xx.xx.xx

...and it worked!

I'm wanting to understand why this is working Vs the ways I'm seeing on other websites.

thanks

Setting Up MySQL On VPS

I am in the process of setting up my first VPS to host a website that I have been working on. By profession, I am a programmer, so I know nothing of Linux or web hosting!!

Thanks to lots of help on here this weekend, I finally learned how to access my VPS using SSH. (That only took a day or two to learn!) And my first command-line task was learning how to copy a file to another folder while maintaining the original modified date. (That only took another half-day!)

Whew!

So the next thing that I need to do is set up MySQL on my VPS...


My VPS runs on CentOS 6, and it also comes with cPanel, but since astrogeek and Miati were persistent in explaining why it is better to do things via the command-line versus using a GUI, I figured I would check things out...

My cPanel comes with some "wizard" that supposedly sets up a MySQL database for you, but whenever I see "wizard" I tend to run!

Advanced Support for my web host said that I should definitely use cPanel to create my database and create the users, because if I did it using phpMyAdmin it would supposedly mess things up as cPanel wouldn't recognize things?

(BTW, I requested MySQL Root access this morning, but I do not have Root access to my VPS - by choice for now!)


Questions:
1.) Should I listen to my web host and use the cPanel wizard to create a new MySQL database?


2.) If I decide to bypass cPanel, how exactly would I use my MacBook to talk to my VPS and do MySQL stuff over command-line?

FWIW, I developed my entire database using phpMyAdmin in MAMP on my MacBook. When I created my original database in development, I used phpMyAdmin's GUI. And then for everything else (e.g. create table, indexes, queries, etc.), I hand-wrote the SQL in TextEdit and then ran it in phpMyAdmin.

But I have no clue how to do any of this on my VPS!!


3.) How would I use the command-line to create a new database and set up groups and users for MySQL?


4.) If I did things by command-line, is it true that I would break cPanel?


I have been working on my website for the last 3 years, and it is ready to "go live", but I am discovering that setting up my VPS properly - and with lots of security - and getting things like PHP and MySQL set up is a very daunting task!!!



Sincerely,


Rob

Ssh Public And Private Keys...

hi guys,

i understand the concept of a public and private key for ssh signing and encryption...i just dont get the implementation.

if you have a client and a server and you want two way communication do both have to have each others public keys in the .ssh/authorized_keys files on each respectively?

should you use a password? does it matter if you want to run say rsync from one to the other with a cron job or script?

does anybody just have a breakdown of exactly what you need to do and how it works in different situations...

i found this:

https://www.digitalocean.com/communi...up-ssh-keys--2

seemed to help...but im still not 100% clear...

Authentication Errors (publickey,gssapi-with-mic,password)

Hi guys,
I have a problem using scp within following verbose statements:

debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug1: Offering public key: /root/.ssh/id_rsa
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Next authentication method: password
user@remote_machine1IP's password:
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
debug1: Sending command: scp -v httpd_ip_change2.conf. user2@remote_machine2IP:/usr/local/apache/conf
Executing: program /usr/bin/ssh host remote_machine2IP, user user2, command scp -v -t /usr/local/apache/conf
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Applying options for *
debug1: Connecting to remote_machine2IP [remote_machine2IP] port 44.
debug1: Connection established.
debug1: identity file /home/user1/.ssh/identity type -1
debug1: identity file /home/user1/.ssh/id_rsa type 1
debug1: identity file /home/user1/.ssh/id_dsa type -1
debug1: loaded 3 keys
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3
debug1: match: OpenSSH_4.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'remote_machine2IP' is known and matches the RSA host key.
debug1: Found key in /home/user1/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received


debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/user1/.ssh/identity
debug1: Offering public key: /home/user1/.ssh/id_rsa
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Trying private key: /home/user1/.ssh/id_dsa
debug1: Next authentication method: password
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
Permission denied, please try again.
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
Permission denied, please try again.
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: No more authentication methods to try.
Permission denied (publickey,gssapi-with-mic,password).
lost connection
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: free: client-session, nchannels 1
debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.1 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
debug1: Exit status 1

I have been trying to copy files between two remote machines. (RHEL 5.7 on Windows by Mremote).

Thank you !

NAT From Public IP Address To Private IP Address On Centos 7

I have two centos 7 Server machines. "Machine-1" is having two NIC cards, one with public ip and another with private ip address. "Machine-2" is having a one NIC card with a private IP Address. how can i configure NAT on machine-1 to forward all TCP Traffic coming on public ip to the private ip of machine-2.

Pls give me a solve.its give me pain

GPG: How Does A Gpg2Masterkey(THE Private Key) Store All The Info Of Its PubSub Keys?

For one user I generated a gpg2 key-pair. I exported these to ascii-armour text files as master.asc and pub.asc. Then took only the pub.asc onto the keyring of a second user on the same partition. I "signed" a simple text file (say trial.txt) with the master key and also transferred it to the home directory of the second user. The pub key on the second user's keyring could verify the signature on the signed text file (trial.txt.gpg) but could not decrypt it. Also, a file encrypted by the second user with the pubkey could be decrypted by the masterkey. Each key therefore has, embedded in its structure, information about child/parent keys. Can anyone thrown light on the actual method of incorporation of this mutual recognition in the key structures? Note:The same kind of recognition happens with sub-keys derived from the Master-key. Can't find any literature which details. Help pl.