Well I made a little progress but still won't work. After I reboot the Astlinux
box this is what I get in the remote host where I am ssh-ing from. If I delete
the known_hosts and and add it at the next ssh login will work fine, until next
reboot :(
eXiled:.ssh exile$ ssh [email protected]
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
ae:00:d1:f6:3f:bc:07:df:02:f3:0e:fc:84:3e:71:b5.
Please contact your system administrator.
Add correct host key in /Users/exile/.ssh/known_hosts to get rid of this
message.
Offending RSA key in /Users/exile/.ssh/known_hosts:1
RSA host key for 192.168.0.15 has changed and you have requested strict
checking.
Host key verification failed.
eXiled:.ssh exile$
________________________________
From: Lonnie Abelbeck <[email protected]>
To: AstLinux Users Mailing List <[email protected]>
Sent: Sunday, April 21, 2013 4:50 PM
Subject: Re: [Astlinux-users] Astlinux and the ssh keys
Ionel,
Well you *definitely* don't want to put other public keys into the the
"/mnt/kd/ssh_root_keys/" directory, they only go into the "/mnt/kd/ssh_keys/"
directory.
I use this feature all the time, it works. :-)
Take a step back...
All you need to do is generate public-private keys for the remote
(non-AstLinux) SSH user (if the keys don't already exist in ~/.ssh/ )...
$ ssh-keygen
(Note: the password protects the private key on the remote end, if this is done
via CRON you may want to not use a password or use some method of providing the
password via a keychain)
Then copy the id_*.pub files (rename them replacing "id_" with a meaningful
host name) to the "/mnt/kd/ssh_keys/" directory. If you only generate a
id_dsa.pub key, but it connects using rsa that won't work as expected.
Test with SSH, it should work.
Lonnie
On Apr 21, 2013, at 4:15 PM, Ionel Chila wrote:
> Still doesn't work after reboot. Very very frustrating :(
>
> I already have directory called /mnt/kd/ssh_root_keys/ I tried copying the
> .pub key there and rebooted. Doesn't work
> I also created a directory called /mnt/kd/ssh_keys as you suggested and
> copied the .pub key there and rebooted. Still doesn't work
>
> It works fine before the reboot in both occasions but not anymore after
> reboot.
>
>
> From: Lonnie Abelbeck <[email protected]>
> To: AstLinux Users Mailing List <[email protected]>
> Cc: Ionel Chila <[email protected]>
> Sent: Sunday, April 21, 2013 1:53 PM
> Subject: Re: [Astlinux-users] Astlinux and the ssh keys
>
> Hi Ionel,
>
> Since by default the /root directory is not persistent (in RAM) the SSH keys
> must be stored on /mnt/kd/ .
>
> In your case, place the trusted host's public key "trusthost_dsa.pub" in the
> "/mnt/kd/ssh_keys/" directory. As many *.pub as you like.
>
> To make the new keys apply, either reboot or from the CLI:
>
> $ service sshd stop
> $ service sshd init
>
> Lonnie
>
>
> On Apr 21, 2013, at 12:23 PM, Ionel Chila wrote:
>
>> I am trying to automate my backup where a remote client pulls the configs
>> from the Astlinux box via rsync and ssh.
>> I did exchange the keys and got ssh to work automatically without entering
>> the password but as soon as I rebooted the Astlinux box everything stops
>> working. Anything have to do with the Astlinux partition if I recall it
>> correctly ? Anything I have to do in the Astlinux box when I am exchanging
>> the keys?
>
>
>
------------------------------------------------------------------------------
Precog is a next-generation analytics platform capable of advanced
analytics on semi-structured data. The platform includes APIs for building
apps and a phenomenal toolset for data science. Developers can use
our toolset for easy data analysis & visualization. Get a free account!
http://www2.precog.com/precogplatform/slashdotnewsletter
_______________________________________________
Astlinux-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
[email protected].
------------------------------------------------------------------------------
Precog is a next-generation analytics platform capable of advanced
analytics on semi-structured data. The platform includes APIs for building
apps and a phenomenal toolset for data science. Developers can use
our toolset for easy data analysis & visualization. Get a free account!
http://www2.precog.com/precogplatform/slashdotnewsletter
_______________________________________________
Astlinux-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
[email protected].
