Re: [CentOS] SFTP - Private/Public Authentication Keysets Beyond The First Set
On 12/12/18 4:40 PM, Gary Braatz wrote: > Inclusion of the -i flag and the location of the private key solved the > problem. > > Thanks Steve! > > You really don't need multiple ppk pairs for different hosts. One for all is what I do. As long as you keep the private key private you only need distribute the one public key every where you need secure identification. Mike -- Gary, Mike is correct. You are actually making it much harder setting up different keys. All you need to do is what Mike has written above. I have several connections that I maintain in this fashion. Good Luck!! Greg ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SFTP - Private/Public Authentication Keysets Beyond The First Set
On Wed, December 12, 2018 16:40, Gary Braatz wrote: > Inclusion of the -i flag and the location of the private key solved > the > problem. > You can also set up a personalised ssh config file in the ~/.ssh directory of the user employed to establish the sftp/ssh connections: #BOF # /home/myuser/.ssh/config # Host parameter is any arbitrary string. # sftp remoteuse...@first.site.com == Host site1 HostName first.site.com User remoteuserid IdentityFile /home/myuser/.ssh/id_rsa # sftp otheruse...@second.other.com == Host site2 HostName second.other.com User otheruserid IdentityFile /home/myuser/.ssh/rsa_vendor2 #EOF Then just run 'sftp site1' or 'sftp site2' to connect as required. -- *** e-Mail is NOT a SECURE channel *** Do NOT transmit sensitive data via e-Mail Do NOT open attachments nor follow links sent by e-Mail James B. Byrnemailto:byrn...@harte-lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SFTP - Private/Public Authentication Keysets Beyond The First Set
On 12/12/18 4:40 PM, Gary Braatz wrote: > Inclusion of the -i flag and the location of the private key solved the > problem. > > Thanks Steve! > > You really don't need multiple ppk pairs for different hosts. One for all is what I do. As long as you keep the private key private you only need distribute the one public key every where you need secure identification. Mike ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SFTP - Private/Public Authentication Keysets Beyond The First Set
Inclusion of the -i flag and the location of the private key solved the problem. Thanks Steve! -Original Message- From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of Steve Clark Sent: Wednesday, December 12, 2018 2:38 PM To: CentOS mailing list Subject: Re: [CentOS] SFTP - Private/Public Authentication Keysets Beyond The First Set On 12/12/2018 03:32 PM, Steve Clark wrote: > On 12/12/2018 03:28 PM, Gary Braatz wrote: >> Thanks for responding so quickly! No but I will try. Are you saying the >> first vendor connection worked because id_rsa and id_rsa.pub are the >> defaults if not specified? (I didn't use the -i flag for the first vendor.) >> >> >> -Original Message- >> From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of Steve Clark >> Sent: Wednesday, December 12, 2018 2:23 PM >> To: CentOS mailing list >> Subject: Re: [CentOS] SFTP - Private/Public Authentication Keysets Beyond >> The First Set >> >> On 12/12/2018 03:13 PM, Gary Braatz wrote: >>> I'm new to SFTP and using this mailing list was able to successfully >> create >>> my first Private/Public keyset for a vendor hosting the SFTP server (I'm >> the >>> client). I created the keyset by typing this: >>> >>> >>> >>> # ssh-keygen -t rsa >>> >>> >>> >>> When asked for the password/passphrase I hit and afterwards >> "id_rsa" >>> and "id_rsa.pub" were created in "/root/.ssh/". I provided "id_rsa.pub" >> to >>> the vendor and when told they were ready I initiated an SFTP transfer. >>> During the first connection I was asked for the vendor-provided password >> and >>> after entering it was successfully connected to the vendor's sftp server. >>> During successive connections I was not again asked for the password. >> This >>> allowed me to create fully automated batch file transfers.my objective. >>> Setting up my second vendor is not going as smoothly. >>> >>> >>> >>> I did exactly the same thing for my second vendor with the exception of >>> typing "rsa_vendor2" during keyset generation (I assumed I had to use a >>> different name for the new keyset). >>> >>> >>> >>> # ssh-keygen -t rsa_vendor2 >>> >>> >>> >>> Files "id_rsa_vendor2" and "id_rsa_vendor2.pub" were created in >>> "/root/.ssh/" and I gave "id_rsa_vendor2.pub" to the second vendor. I >>> initiated the first connection with the second vendor and was asked for >> the >>> vendor-provided password which I entered and a successful connection was >>> made. The problem is unlike with the first vendor I am asked for the >>> password every time I connect to the second vendor's server. Because I am >>> being asked for the password I am unable to create fully automated batch >>> file transfers. >>> >>> >>> >>> The second vendor is telling me they added the public key to their server >> as >>> required. Did I miss a step or do something wrong on my end? Was I >> correct >>> using a different name for the new keyset or would the new keyset >>> information have been appended to the information already in id_rsa and >>> id_rsa.pub for the first vendor? >>> >>> >>> >>> Any help you can provide will be greatly appreciated. >>> >>> >>> >>> ___ >>> CentOS mailing list >>> CentOS@centos.org >>> https://lists.centos.org/mailman/listinfo/centos >>> >> Are using the -i flag in your invocation of sftp to the second vendor? >> >From the sftp man page: >> >> -i identity_file >> Selects the file from which the identity (private key) for >> public key authentication is read. This option >> is directly passed to ssh(1). >> > In my experience - Yes. > To expand on my response - generally there is system wide default ssh_config file in /etc/ssh/ssh_config and by default: # IdentityFile ~/.ssh/identity # IdentityFile ~/.ssh/id_rsa # IdentityFile ~/.ssh/id_dsa -- Stephen Clark *NetWolves Managed Services, LLC.* Sr. Applications Architect Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.cl...@netwolves.com http://www.netwolves.com ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SFTP - Private/Public Authentication Keysets Beyond The First Set
Thank You Sir! The vendor is working on this as well and I believe may have just changed the password. The one I was using is no longer working (it worked a few minutes ago). I'll update you later on my progress. -Original Message- From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of Steve Clark Sent: Wednesday, December 12, 2018 2:38 PM To: CentOS mailing list Subject: Re: [CentOS] SFTP - Private/Public Authentication Keysets Beyond The First Set On 12/12/2018 03:32 PM, Steve Clark wrote: > On 12/12/2018 03:28 PM, Gary Braatz wrote: >> Thanks for responding so quickly! No but I will try. Are you saying the >> first vendor connection worked because id_rsa and id_rsa.pub are the >> defaults if not specified? (I didn't use the -i flag for the first vendor.) >> >> >> -Original Message- >> From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of Steve Clark >> Sent: Wednesday, December 12, 2018 2:23 PM >> To: CentOS mailing list >> Subject: Re: [CentOS] SFTP - Private/Public Authentication Keysets Beyond >> The First Set >> >> On 12/12/2018 03:13 PM, Gary Braatz wrote: >>> I'm new to SFTP and using this mailing list was able to successfully >> create >>> my first Private/Public keyset for a vendor hosting the SFTP server (I'm >> the >>> client). I created the keyset by typing this: >>> >>> >>> >>> # ssh-keygen -t rsa >>> >>> >>> >>> When asked for the password/passphrase I hit and afterwards >> "id_rsa" >>> and "id_rsa.pub" were created in "/root/.ssh/". I provided "id_rsa.pub" >> to >>> the vendor and when told they were ready I initiated an SFTP transfer. >>> During the first connection I was asked for the vendor-provided password >> and >>> after entering it was successfully connected to the vendor's sftp server. >>> During successive connections I was not again asked for the password. >> This >>> allowed me to create fully automated batch file transfers.my objective. >>> Setting up my second vendor is not going as smoothly. >>> >>> >>> >>> I did exactly the same thing for my second vendor with the exception of >>> typing "rsa_vendor2" during keyset generation (I assumed I had to use a >>> different name for the new keyset). >>> >>> >>> >>> # ssh-keygen -t rsa_vendor2 >>> >>> >>> >>> Files "id_rsa_vendor2" and "id_rsa_vendor2.pub" were created in >>> "/root/.ssh/" and I gave "id_rsa_vendor2.pub" to the second vendor. I >>> initiated the first connection with the second vendor and was asked for >> the >>> vendor-provided password which I entered and a successful connection was >>> made. The problem is unlike with the first vendor I am asked for the >>> password every time I connect to the second vendor's server. Because I am >>> being asked for the password I am unable to create fully automated batch >>> file transfers. >>> >>> >>> >>> The second vendor is telling me they added the public key to their server >> as >>> required. Did I miss a step or do something wrong on my end? Was I >> correct >>> using a different name for the new keyset or would the new keyset >>> information have been appended to the information already in id_rsa and >>> id_rsa.pub for the first vendor? >>> >>> >>> >>> Any help you can provide will be greatly appreciated. >>> >>> >>> >>> ___ >>> CentOS mailing list >>> CentOS@centos.org >>> https://lists.centos.org/mailman/listinfo/centos >>> >> Are using the -i flag in your invocation of sftp to the second vendor? >> >From the sftp man page: >> >> -i identity_file >> Selects the file from which the identity (private key) for >> public key authentication is read. This option >> is directly passed to ssh(1). >> > In my experience - Yes. > To expand on my response - generally there is system wide default ssh_config file in /etc/ssh/ssh_config and by default: # IdentityFile ~/.ssh/identity # IdentityFile ~/.ssh/id_rsa # IdentityFile ~/.ssh/id_dsa -- Stephen Clark *NetWolves Managed Services, LLC.* Sr. Applications Architect Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.cl...@netwolves.com http://www.netwolves.com ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SFTP - Private/Public Authentication Keysets Beyond The First Set
On 12/12/2018 03:32 PM, Steve Clark wrote: > On 12/12/2018 03:28 PM, Gary Braatz wrote: >> Thanks for responding so quickly! No but I will try. Are you saying the >> first vendor connection worked because id_rsa and id_rsa.pub are the >> defaults if not specified? (I didn't use the -i flag for the first vendor.) >> >> >> -Original Message- >> From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of Steve Clark >> Sent: Wednesday, December 12, 2018 2:23 PM >> To: CentOS mailing list >> Subject: Re: [CentOS] SFTP - Private/Public Authentication Keysets Beyond >> The First Set >> >> On 12/12/2018 03:13 PM, Gary Braatz wrote: >>> I'm new to SFTP and using this mailing list was able to successfully >> create >>> my first Private/Public keyset for a vendor hosting the SFTP server (I'm >> the >>> client). I created the keyset by typing this: >>> >>> >>> >>> # ssh-keygen -t rsa >>> >>> >>> >>> When asked for the password/passphrase I hit and afterwards >> "id_rsa" >>> and "id_rsa.pub" were created in "/root/.ssh/". I provided "id_rsa.pub" >> to >>> the vendor and when told they were ready I initiated an SFTP transfer. >>> During the first connection I was asked for the vendor-provided password >> and >>> after entering it was successfully connected to the vendor's sftp server. >>> During successive connections I was not again asked for the password. >> This >>> allowed me to create fully automated batch file transfers.my objective. >>> Setting up my second vendor is not going as smoothly. >>> >>> >>> >>> I did exactly the same thing for my second vendor with the exception of >>> typing "rsa_vendor2" during keyset generation (I assumed I had to use a >>> different name for the new keyset). >>> >>> >>> >>> # ssh-keygen -t rsa_vendor2 >>> >>> >>> >>> Files "id_rsa_vendor2" and "id_rsa_vendor2.pub" were created in >>> "/root/.ssh/" and I gave "id_rsa_vendor2.pub" to the second vendor. I >>> initiated the first connection with the second vendor and was asked for >> the >>> vendor-provided password which I entered and a successful connection was >>> made. The problem is unlike with the first vendor I am asked for the >>> password every time I connect to the second vendor's server. Because I am >>> being asked for the password I am unable to create fully automated batch >>> file transfers. >>> >>> >>> >>> The second vendor is telling me they added the public key to their server >> as >>> required. Did I miss a step or do something wrong on my end? Was I >> correct >>> using a different name for the new keyset or would the new keyset >>> information have been appended to the information already in id_rsa and >>> id_rsa.pub for the first vendor? >>> >>> >>> >>> Any help you can provide will be greatly appreciated. >>> >>> >>> >>> ___ >>> CentOS mailing list >>> CentOS@centos.org >>> https://lists.centos.org/mailman/listinfo/centos >>> >> Are using the -i flag in your invocation of sftp to the second vendor? >> >From the sftp man page: >> >> -i identity_file >> Selects the file from which the identity (private key) for >> public key authentication is read. This option >> is directly passed to ssh(1). >> > In my experience - Yes. > To expand on my response - generally there is system wide default ssh_config file in /etc/ssh/ssh_config and by default: # IdentityFile ~/.ssh/identity # IdentityFile ~/.ssh/id_rsa # IdentityFile ~/.ssh/id_dsa -- Stephen Clark *NetWolves Managed Services, LLC.* Sr. Applications Architect Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.cl...@netwolves.com http://www.netwolves.com ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SFTP - Private/Public Authentication Keysets Beyond The First Set
On 12/12/2018 03:28 PM, Gary Braatz wrote: > Thanks for responding so quickly! No but I will try. Are you saying the > first vendor connection worked because id_rsa and id_rsa.pub are the > defaults if not specified? (I didn't use the -i flag for the first vendor.) > > > -Original Message- > From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of Steve Clark > Sent: Wednesday, December 12, 2018 2:23 PM > To: CentOS mailing list > Subject: Re: [CentOS] SFTP - Private/Public Authentication Keysets Beyond > The First Set > > On 12/12/2018 03:13 PM, Gary Braatz wrote: >> I'm new to SFTP and using this mailing list was able to successfully > create >> my first Private/Public keyset for a vendor hosting the SFTP server (I'm > the >> client). I created the keyset by typing this: >> >> >> >> # ssh-keygen -t rsa >> >> >> >> When asked for the password/passphrase I hit and afterwards > "id_rsa" >> and "id_rsa.pub" were created in "/root/.ssh/". I provided "id_rsa.pub" > to >> the vendor and when told they were ready I initiated an SFTP transfer. >> During the first connection I was asked for the vendor-provided password > and >> after entering it was successfully connected to the vendor's sftp server. >> During successive connections I was not again asked for the password. > This >> allowed me to create fully automated batch file transfers.my objective. >> Setting up my second vendor is not going as smoothly. >> >> >> >> I did exactly the same thing for my second vendor with the exception of >> typing "rsa_vendor2" during keyset generation (I assumed I had to use a >> different name for the new keyset). >> >> >> >> # ssh-keygen -t rsa_vendor2 >> >> >> >> Files "id_rsa_vendor2" and "id_rsa_vendor2.pub" were created in >> "/root/.ssh/" and I gave "id_rsa_vendor2.pub" to the second vendor. I >> initiated the first connection with the second vendor and was asked for > the >> vendor-provided password which I entered and a successful connection was >> made. The problem is unlike with the first vendor I am asked for the >> password every time I connect to the second vendor's server. Because I am >> being asked for the password I am unable to create fully automated batch >> file transfers. >> >> >> >> The second vendor is telling me they added the public key to their server > as >> required. Did I miss a step or do something wrong on my end? Was I > correct >> using a different name for the new keyset or would the new keyset >> information have been appended to the information already in id_rsa and >> id_rsa.pub for the first vendor? >> >> >> >> Any help you can provide will be greatly appreciated. >> >> >> >> ___ >> CentOS mailing list >> CentOS@centos.org >> https://lists.centos.org/mailman/listinfo/centos >> > Are using the -i flag in your invocation of sftp to the second vendor? > >From the sftp man page: > > -i identity_file > Selects the file from which the identity (private key) for > public key authentication is read. This option > is directly passed to ssh(1). > In my experience - Yes. -- Stephen Clark *NetWolves Managed Services, LLC.* Sr. Applications Architect Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.cl...@netwolves.com http://www.netwolves.com ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SFTP - Private/Public Authentication Keysets Beyond The First Set
Thanks for responding so quickly! No but I will try. Are you saying the first vendor connection worked because id_rsa and id_rsa.pub are the defaults if not specified? (I didn't use the -i flag for the first vendor.) -Original Message- From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of Steve Clark Sent: Wednesday, December 12, 2018 2:23 PM To: CentOS mailing list Subject: Re: [CentOS] SFTP - Private/Public Authentication Keysets Beyond The First Set On 12/12/2018 03:13 PM, Gary Braatz wrote: > I'm new to SFTP and using this mailing list was able to successfully create > my first Private/Public keyset for a vendor hosting the SFTP server (I'm the > client). I created the keyset by typing this: > > > > # ssh-keygen -t rsa > > > > When asked for the password/passphrase I hit and afterwards "id_rsa" > and "id_rsa.pub" were created in "/root/.ssh/". I provided "id_rsa.pub" to > the vendor and when told they were ready I initiated an SFTP transfer. > During the first connection I was asked for the vendor-provided password and > after entering it was successfully connected to the vendor's sftp server. > During successive connections I was not again asked for the password. This > allowed me to create fully automated batch file transfers.my objective. > Setting up my second vendor is not going as smoothly. > > > > I did exactly the same thing for my second vendor with the exception of > typing "rsa_vendor2" during keyset generation (I assumed I had to use a > different name for the new keyset). > > > > # ssh-keygen -t rsa_vendor2 > > > > Files "id_rsa_vendor2" and "id_rsa_vendor2.pub" were created in > "/root/.ssh/" and I gave "id_rsa_vendor2.pub" to the second vendor. I > initiated the first connection with the second vendor and was asked for the > vendor-provided password which I entered and a successful connection was > made. The problem is unlike with the first vendor I am asked for the > password every time I connect to the second vendor's server. Because I am > being asked for the password I am unable to create fully automated batch > file transfers. > > > > The second vendor is telling me they added the public key to their server as > required. Did I miss a step or do something wrong on my end? Was I correct > using a different name for the new keyset or would the new keyset > information have been appended to the information already in id_rsa and > id_rsa.pub for the first vendor? > > > > Any help you can provide will be greatly appreciated. > > > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > Are using the -i flag in your invocation of sftp to the second vendor? >From the sftp man page: -i identity_file Selects the file from which the identity (private key) for public key authentication is read. This option is directly passed to ssh(1). -- Stephen Clark *NetWolves Managed Services, LLC.* Sr. Applications Architect Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.cl...@netwolves.com http://www.netwolves.com ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SFTP - Private/Public Authentication Keysets Beyond The First Set
On 12/12/2018 03:13 PM, Gary Braatz wrote: > I'm new to SFTP and using this mailing list was able to successfully create > my first Private/Public keyset for a vendor hosting the SFTP server (I'm the > client). I created the keyset by typing this: > > > > # ssh-keygen -t rsa > > > > When asked for the password/passphrase I hit and afterwards "id_rsa" > and "id_rsa.pub" were created in "/root/.ssh/". I provided "id_rsa.pub" to > the vendor and when told they were ready I initiated an SFTP transfer. > During the first connection I was asked for the vendor-provided password and > after entering it was successfully connected to the vendor's sftp server. > During successive connections I was not again asked for the password. This > allowed me to create fully automated batch file transfers.my objective. > Setting up my second vendor is not going as smoothly. > > > > I did exactly the same thing for my second vendor with the exception of > typing "rsa_vendor2" during keyset generation (I assumed I had to use a > different name for the new keyset). > > > > # ssh-keygen -t rsa_vendor2 > > > > Files "id_rsa_vendor2" and "id_rsa_vendor2.pub" were created in > "/root/.ssh/" and I gave "id_rsa_vendor2.pub" to the second vendor. I > initiated the first connection with the second vendor and was asked for the > vendor-provided password which I entered and a successful connection was > made. The problem is unlike with the first vendor I am asked for the > password every time I connect to the second vendor's server. Because I am > being asked for the password I am unable to create fully automated batch > file transfers. > > > > The second vendor is telling me they added the public key to their server as > required. Did I miss a step or do something wrong on my end? Was I correct > using a different name for the new keyset or would the new keyset > information have been appended to the information already in id_rsa and > id_rsa.pub for the first vendor? > > > > Any help you can provide will be greatly appreciated. > > > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > Are using the -i flag in your invocation of sftp to the second vendor? >From the sftp man page: -i identity_file Selects the file from which the identity (private key) for public key authentication is read. This option is directly passed to ssh(1). -- Stephen Clark *NetWolves Managed Services, LLC.* Sr. Applications Architect Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.cl...@netwolves.com http://www.netwolves.com ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] SFTP - Private/Public Authentication Keysets Beyond The First Set
I'm new to SFTP and using this mailing list was able to successfully create my first Private/Public keyset for a vendor hosting the SFTP server (I'm the client). I created the keyset by typing this: # ssh-keygen -t rsa When asked for the password/passphrase I hit and afterwards "id_rsa" and "id_rsa.pub" were created in "/root/.ssh/". I provided "id_rsa.pub" to the vendor and when told they were ready I initiated an SFTP transfer. During the first connection I was asked for the vendor-provided password and after entering it was successfully connected to the vendor's sftp server. During successive connections I was not again asked for the password. This allowed me to create fully automated batch file transfers.my objective. Setting up my second vendor is not going as smoothly. I did exactly the same thing for my second vendor with the exception of typing "rsa_vendor2" during keyset generation (I assumed I had to use a different name for the new keyset). # ssh-keygen -t rsa_vendor2 Files "id_rsa_vendor2" and "id_rsa_vendor2.pub" were created in "/root/.ssh/" and I gave "id_rsa_vendor2.pub" to the second vendor. I initiated the first connection with the second vendor and was asked for the vendor-provided password which I entered and a successful connection was made. The problem is unlike with the first vendor I am asked for the password every time I connect to the second vendor's server. Because I am being asked for the password I am unable to create fully automated batch file transfers. The second vendor is telling me they added the public key to their server as required. Did I miss a step or do something wrong on my end? Was I correct using a different name for the new keyset or would the new keyset information have been appended to the information already in id_rsa and id_rsa.pub for the first vendor? Any help you can provide will be greatly appreciated. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
