Instead of ssh "~/.ssh/somekey.pem" ubuntu#somehost, is there a way to make ssh auto check the ~/.ssh directory for keys so that I can simply do ssh "somekey.pem" ubuntu#somehost (i.e. omitting ~/.ssh)?
If you're using the same host then try updating your ~/.ssh/config file with the host info
Host dev
IdentityFile ~/.ssh/github.key
HostName dev.example.com
Port 22000
User fooey
then just type ssh dev to ssh in!
Related
My use case is I have to access AWS ec2 instances through a jumpbox.
Here is my SSH config.
Host awsjumpbox
User sshuser
HostName jumpboxhostname
IdentityFile /Users/myusername/.ssh/id_rsa
LocalForward 8022 10.0.168.43:22
It works when I do SCP command to copy files to the EC2 instance.
myusername % scp -r -i ~/aws/aws-keypair.pem -P 8022 * ec2-user#localhost:testdir
The authenticity of host '[localhost]:8022 ([::1]:8022)' can't be established.
ECDSA key fingerprint is SHA256:rrwr62yjP2cgUTT9SowdlrIwGi4jMMwt5x4Aj6E4Y3Y.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[localhost]:8022' (ECDSA) to the list of known hosts.
/etc/profile.d/lang.sh: line 19: warning: setlocale: LC_CTYPE: cannot change locale (UTF-8): No such file or directory
README.md 100% 1064 24.3KB/s 00:00
However, when I executed SSH command. It returns a strange IP address.
myusername % ssh -i ~/aws/aws-keypair.pem -P 8022 ec2-user#localhost
ssh: connect to host 0.0.31.86 port 22: No route to host
What is the cause of this issue? How do I fix it?
Thank you.
Don't use LocalForward and reverse the flow.
Use ProxyCommand or ProxyJump. This will allow SSH to open a session to your bastion server transparently.
E.g. your configuration should be something in the line of
Host 10.0.168.43
User root
ProxyCommand ssh -W %h:%p sshuser#awsjumpbox
...
or
Host 10.0.168.43
User root
ProxyJump sshuser#awsjumpbox
...
I have a complex SSH tunnel problem I'm trying to solve and can't seem to get it quite right.
Simply put:
ME -> Bastion:22 -> Instance:8500
Bastion uses a different username and key than instance. I would like to be able to access port 1234 on instance from localhost:1234
Right now I have the following:
Host bastion
HostName bastion.example.com
ForwardAgent yes
IdentityFile ~/.ssh/id_ecdsa
User spanky
Host internal
ForwardAgent yes
HostName consul.internal
IdentityFile ~/.ssh/aws.pem
ProxyJump bastion
User ec2-user
Port 8500
But I don't think I've got it.
The following two commands work, but I'm trying to distill them into a working config:
ssh -L 2222:10.0.0.42:22 bastion.example.com -N -i ~/.ssh/id_ecdsa
ssh -L 8500:localhost:8500 ec2-user#localhost -N -i ~/.ssh/aws.pem -p 2222
With a current version of ssh, you should be able to use:
ssh -L1234:localhost:1234 -J spanky#bastion.example.com ec2-user#consul.internal
From man ssh:
-J destination
Connect to the target host by first making a ssh
connection to the jump host described by destination and then
establishing a TCP forwarding to the ultimate destination from there.
Multiple jump hops may be specified separated by comma characters.
This is a shortcut to specify a ProxyJump configuration directive.
I am configuring a local Hadoop cluster but I have a problem with password configurations.
When I type
ssh localhost
This message is displayed:
ssh localhost
key_load_public: invalid format
I already tried using these commands to replace my previous authorized keys:
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
But it did not work.
You can create a .config file in your ~/.ssh directory and then add the credentials.
Like this,
// ~/.ssh/config
# SSH Host configuration file
# Default for all
Host *
ForwardAgent no
ForwardX11 yes
ForwardX11Trusted yes
Host <hostname_here>
HostName <ip_address>
User <user_name>
Since it seems that your problems is more related with keys, you can try using ssh -i <your key file> username#ip_addr -p <port>
I am using git/bash in Windows 10 and try to clone a repository.
When I use the command: git clone username#hostname, I get:
ssh: Could not resolve hostname stbcmgit: Name or service not known
However, when I use a direct IP address instead of the hostname (git clone username#x.x.x.x), the access is successful and the clone starts.
Notes:
"known_hosts" file is located at c:\Users\myname\.ssh
The file is taken from my Linux account where everything works fine there.
The .ssh folder contains also the id_rsa and id_rsa.pub keys (copied also from Linux).
When I use 'ls $HOME/.ssh', I see these files listed.
Using Windows 10.
Thanks.
You should check /etc/hosts and add such a line if it doesn't exist:
x.x.x.x hostname
If the host's IP doesn't change, you can simplify the whole command by creating $HOME/.ssh/config like this
Host YourHost
HostName x.x.x.x
User username
IdentityFile ~/.ssh/id_rsa
PubKeyAuthentication yes
Now you can run these commands:
git clone YourHost:repo
ssh YourHost
In Windows 10 and after the latest updates concerning the "Windows Subsystem for linux" aka "Bash" now you MUST assign any desired hostname with its relative IP Address by editing this file:
C:\Windows\System32\drivers\etc\hosts
P.S: on your linux please check /etc/hosts and not the 'known_hosts' file
~/.ssh/config may contain such definitions.
These definitions contain port numbers also (I think /etc/hosts can't).
I am using Git on Windows with Git Bash.
In C:\Users\myuser\.ssh I created a config file, where I declared a host
Host my-host along with some configuration.
The config file has the following content:
Host my-host
User my-username
Hostname my-repo.com
Port 7999
IdentityFile id_rsa
In theory, I should be able to connect to this host from the command line:
ssh my-host.
However, that doesn't happen, if try to run this command from Git Bash, I get:
ssh: Could not resolve hostname my-host: Name or service not known
So how can I make this host visible in Git Bash or in Windows Command Line?
Check port number, 7999 is not usual for ssh
set full path for id_rsa, like ~/.ssh/id_rsa
maybe you should use alias name without "-"
check connection with your parameters without alias, like "ssh -i~/.ssh/id_rsa -p7999 user#host"
check you id_rsa, is it private key?
check rights on folder and file: ~/.ssh - 700, ~/.ssh/config - 600