Array Setup and Networking

Passwordless cert-based SSH login?

Go to solution
Occasional Advisor

Passwordless cert-based SSH login?

I'm trying to enable passwordless cert-based SSH login on our CS220.

My personal workstation runs CentOS 6.  So far I've followed guidance in

When I log in, the Nimble still prompts for a password.

What should I be looking at for troubleshooting?  Can't seem to find any logs except what's in the web interface, and that only lists events related to storage.

Occasional Advisor

Re: Passwordless cert-based SSH login?

After some research, found the problem.

The rfenton's howto referenced above says to cat the client-side and copy the contents to the clipboard, then paste the contents into this command on the Nimble:

    sshkey --add richkey --type rsa --key <key contents>

On my CentOS 6 workstation, when I cat my file I get something like this:

    ssh-rsa <a bunch of encrypted text> <username>@<my workstation hostname>

I tried using this output verbatim in the sshkey command and couldn't log in to the Nimble passwordlessly.

Troubleshooting, I used this command on the Nimble:

    sshkey --info richkey

I didn't actually use 'richkey' as the name of my key, but we'll go with that for this example.

The command returned this information:

    Name: richkey

    Type: rsa

    Key: ssh-rsa

So it's not picking up the entire key contents.  Deleted the key then tried putting the key contents in quotes:

    sshkey --delete richkey

    sshkey --add richkey --type rsa --key "ssh-rsa <a bunch of encrypted text> <username>@<my workstation hostname>"

Still can't log in without using a password.

Deleted the key and tried again, leaving off the ssh-rsa:

    sshkey --add richkey --type rsa --key "<a bunch of encrypted text> <username>@<my workstation hostname>"

This worked.  I can now log in without entering a password.  This facilitates scripting.  I'll be using this to gather data for Nagios.