I am quite new to nornir and network automation but I am in stuck with following scenario.
ssh via using ssh key. Using access via password works without problem.
My hosts.yaml look like this
---
juniper-tst:
hostname: 10.0.0.12
port: 22
username: mario
platform: junos
But I keep getting this error
ncclient.transport.errors.AuthenticationError: SSHException('encountered RSA key, expected OPENSSH key',)
Now I am not sure if any extra optional argument is needed to be inserted in the hosts.yaml.
versions:
Python3.6
Nornir 3.1
This is related to the format of your private key. You should know that there are openssh format and PEM format. Both will work when connecting to openssh server but some libssh based applications may be picky (I had issue with zabbix ssh).
You are using the "PEM format" which starts with "-----BEGIN RSA PRIVATE KEY-----"
just generate an new set of keys with ssh-keygen which default to the OPENSSH format which starts with "-----BEGIN OPENSSH PRIVATE KEY-----"
Related
I need to download a file from a remote server to my local. The SSH is running on a non-standard port and the remote server required a private key to connect to it from local.
I know how to achieve it separately:
For non standard port it is:
scp -P 2222 username#example.com:/backup/file.zip /local/dir
For server using private key it is:
scp -i private_key.pem username#example.com:/backup/file.zip /local/dir
But how can I download a file that require connecting to a non-default port as well as uses pem file (private key file)?
Any help would be appreciated.
Thanks
scp -i private_key.pem -P 2222 username#ip_address:/backup/file.zip .
This worked for me.
I have to drop file in SFTP location and SFTP has ppk file instead password. I tried SSH SFTP with SSH key file locating to ppk file. But i am getting invalid primary key. Can you please help
SSH SFTP Sampler expects Putty Private Key, if you try to use OpenSSH id_rsa private key - you will get something like Failed to connect to server: invalid privatekey: [B#somehexvalues] error
If your private key starts with -----BEGIN OPENSSH PRIVATE KEY----- - you won't be able to use it with SSH SFTP sampler
If your private key starts with PuTTY-User-Key-File-2: ssh-rsa - you will be able to use it (assuming the server has the corresponding public key)
If you need to convert OpenSSH or RSA private key to Putty PPK - use PyttyGen application.
More information: Load Testing FTP and SFTP Servers Using JMeter
I'm able to access google coral via putty using same network. But is it possible to access google coral using different network (like VNC server)
Regards
Rahul
If you would like to access the google coral through remote ssh e.g. putty or another ssh service you can change the ssh permissions:
sudo nano /etc/ssh/sshd_config
and set:
ChallengeResponseAuthentication yes
PasswordAuthentication yes
save the file and restart the ssh service:
sudo systemctl restart ssh
Remote ssh should work now. To get the vnc server working the coral would need a GUI which it does not have.
I've solved the problem. Checked with google support officially you can't connect google coral with different network. But incase if you want to connect within same network this is how you will connect.
generate key using puttygen.
once key is generated store public/private key (.ppk).
copy public key and paste in authorized_key location.
once public key is pasted get the broadcast ip address by hitting below command
mdt shell
ip addr | grep wlan0
Load ppk file in putty/winscp and pass the ip address which we got after running above command.
Google coral is now successfully connected with putty/winscp
I tried to use the method for using private key (that has passphrase and is added to ssh-agent from file) (according to this stack post):
spring:
cloud:
config:
server:
git:
uri: git#github.com-forApp:myorg/myrepo.git
search-paths: '{application}'
clone-on-start: true
private_key_file: ~/.ssh/id_rsa
but I keep getting
org.eclipse.jgit.api.errors.TransportException:
git#github.com:myorg/myrepo.git: USERAUTH fail
Do I have to do it exactly as doc says with pasting the key into config file or can one just point to the key file somehow?
EDIT
Actually it turns out that the private_key_file is not needed at all or ignored by Spring. But you need the ~/.ssh/config section pointing to private key to use:
Host github.com-forApp # used in spring uri
HostName github.com
User git
IdentityFile ~/.ssh/gitHubKey
I was able to replicate your behavior and resolved it with following. Let me know your thoughts.
USERAUTH fail is happening because you are not providing the passphrase for the RSA private key.(password for Basic Auth and passphrase for ssh private key)
spring:
cloud:
config:
server:
git:
uri: git#github.com:myorg/myrepo.git
search-paths: '{application}'
clone-on-start: true
passphrase: myprivatekeypassword
By default ~/.ssh/id_rsa is sent during GIT SSH Authentication(Test with command ssh -vT git#github.com. You don't need to specify it in configuration. Also, I am not sure whether private_key_file works or not, since I don't see any official documentation for it.
If you have different named RSA file under .ssh then I would advise to create config file under ~/.ssh/config with github host details and identify file.
Here is one example.
Host github.com
IdentityFile ~/.ssh/mygitid_rsa
Check this stack answer for more details which desired the configuration providing private key file path within config.
I'm trying to get Hadoop's Pseudo-Distributed Operation example (http://hadoop.apache.org/common/docs/stable/single_node_setup.html) to work on OS X Lion, but am having trouble getting the ssh to work without a passphrase.
The instructions say the following:
Setup passphraseless ssh
Now check that you can ssh to the localhost without a passphrase: $
ssh localhost
I'm getting connection refused:
archos:hadoop-0.20.203.0 travis$ ssh localhost
ssh: connect to host localhost port 22: Connection refused
If you cannot ssh to localhost without a passphrase, execute the
following commands:
$ ssh-keygen -t dsa -P '' -f ~/.ssh/id_dsa
$ cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys
After this step I am still getting connection refused. Any ideas???
Sounds like you don't have SSH enabled. Should be in the network settings control panel somewhere.
You go to "System Preferences > Sharing > Remote Access" and there's a list of authorized users. Change it to "All Users".
That's solves this problem.
Check the permissions on your .ssh directory. Some ssh implementations require that the directory be chmod 700. Otherwise, they just ignore it.
Also, check the output of
ssh -v localhost
to see how the ssh client is trying to connect. The output is very detailed, and will help you decide if it's an authentication problem.
I had the same issue.
Please check if the ssh server is running or not.
If yes, open the /etc/init.d/ssh_config and /etc/init.d/sshd_config files. The issue is that the server is running on a different port and the client is pointing to different port.
Before this please ensure that openssh-server and client are installed.
I had the same problem and i solved it the following manner :
SSH is activated.
ssh -v localhost (as stated by Herko)
In the ouput, i identified that the authentication method by DSA is not supported.
debug1: Skipping ssh-dss key /Users/john/.ssh/id_dsa - not in PubkeyAcceptedKeyTypes
I simply re-generate an ECDSA keys and remove the DSA key pairs.
After the keys generation, the procedure given on Hadoop documentation holds.
Therefore, it is important to check, if the authentication method is supported by the Openssh configuration.