I was using coral board with my login credentials before but the SSH didn't seem to work so I removed the keys from the coral in order to generate new ones and now its not letting me in the board. I'm a noob at this, if you answer this please be specific. its for my college project. How do i change the accesskeys in the directory?
Waiting for a device...
Connecting to green-horse at 192.168.101.2
Key not present on green-horse -- pushing
Couldn't connect to keymaster on green-horse: [Errno 111] Connection refused.
Did you previously connect from a different machine? If so,
mdt-keymaster will not be running as it only accepts a single key.
You will need to either:
1) Remove the key from /home/mendel/.ssh/authorized_keys on the
device via the serial console
- or -
2) Copy the mdt private key from your home directory on this host
in ~/.config/mdt/keys/mdt.key to the first machine and use
'mdt pushkey mdt.key' to add that key to the device's
authorized_keys file.
Failed to push via keymaster -- will attempt password login as a fallback.
Can't login using default credentials: Bad authentication type; allowed types: ['publickey']
ssh should also works (it is what I use), but you'll need generate a key on your host machine and then put it in the ~/.ssh/authorized_keys on the board, there could be multiple keys placed in that file, and mdt needs to be one of them.
To recovers mdt access, you can check here: https://coral.ai/docs/dev-board/mdt/#recover-mdt-access
To ssh into the board, generate your own ssh key:
ssh-keygen
and your new key will be in ~/.ssh/id_rsa.pub, you can put that key on the board in order to ssh.
Related
Yesterday I was trying to update my ruby on rails application by uploading it with capistrano but I had to cancel the upload in the middle of the process, immediately I was trying to access the server via ssh with ssh deploy#my_ip_server and it was waiting to access, I ended up restarting the aws instance.
Today I am trying to access the server via ssh and I get this alert:
###########################################################
# WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! #
###########################################################
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:Adfadssdgdfg......
Please contact your system administrator.
Add correct host key in /home/jeff/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/jeff/.ssh/known_hosts:23
remove with:
ssh-keygen -f "/home/jeff/.ssh/known_hosts" -R "my_ip_server"
ECDSA host key for my_ip_server has changed and you have requested strict checking.
The ip of my instance changed I imagine it is because I restarted the instance, I immediately changed the .ssh/authorized_keys file with a new access key.
To access by ssh I have a security rule in aws that only allows access with the ip of my machine.
Should I be worried about this alert? being that the instance is new and at the moment it is only in testing phase.
I recently inherited a Jenkins instance running on an AWS EC2 server. It has several pipelines to different EC2 servers that are running successfully. I'm having trouble adding a new node to a new EC2 web server.
I have an account on that new web server named jenkins. I generated keys, added the ssh-rsa key to ~/.ssh/authorized_keys, and verified I was able to connect with the jenkins user via Putty.
In Jenkins, under Dashboard > Credentials > System > Global Credentials, I created new credentials as follows:
Username: jenkins
Private Key -> Enter Key Directly: Pasted in the key beginning with "BEGIN RSA PRIVATE KEY":
Finally, I created a new node using those credentials, to connect via SSH and use the "Known hosts file Verification Strategy."
Unfortunately, I'm getting the following error when I attempt to launch the agent:
[01/04/22 22:16:43] [SSH] WARNING: No entry currently exists in the
Known Hosts file for this host. Connections will be denied until this
new host and its associated key is added to the Known Hosts file. Key
exchange was not finished, connection is closed.
I verified I have the correct Host name configured in my node.
I don't know what I'm missing here, especially since I can connect via Putty.
Suggestions?
Have you added the new node to the known hosts file on the Controller node?
I assume Putty was your local machine rather than the controller?
See this support article for details
https://support.cloudbees.com/hc/en-us/articles/115000073552-Host-Key-Verification-for-SSH-Agents#knowhostsfileverificationstrategy
Sounds like your system doesn't allow for automatic hostkeys into the known_hosts file. You can check for the UpdateHostKeys flag in either your user, system, or potentially whatever user Jenkins runs under, SSH Config file. You can read more about the specific flag I'm talking about here.
If you need to add that hostkey manually, here's a nice write up for how to do it.
I get the following error when I use "mdt shell".
I have went through the documentation and all I want to know how I can access the board files? As the documentation tells me to remove the authorized keys from /home/mendel/.ssh/authorized-keys directory.
I have connected the serial port but I don't see anything when I try to Dmesg| grep but i get a sound like a device is connected to the PC. How can I access the coral files in order to delete the authorized files?
I'm using UBUNTU terminal on Windows.
'''
~$ mdt shell green-horse
Waiting for device green-horse...
Connecting to green-horse at 192.168.101.2
Key not present on green-horse -- pushing
Couldn't connect to keymaster on green-horse: [Errno 111] Connection refused.
Did you previously connect from a different machine? If so,
mdt-keymaster will not be running as it only accepts a single key.
You will need to either:
Remove the key from /home/mendel/.ssh/authorized_keys on the
device via the serial console
or -
Copy the mdt private key from your home directory on this host
in ~/.config/mdt/keys/mdt.key to the first machine and use
'mdt pushkey mdt.key' to add that key to the device's
authorized_keys file.
Failed to push via keymaster -- will attempt password login as a fallback.
Can't login using default credentials: Bad authentication type; allowed types: ['publickey']
'''
Did you insert the SD card on the first attempt to connect using mdt?
If so, remove it and try again.
I'm trying to connect to Windows agent use SSh(Launch agent agents via SSH)
Jenkins master(in Linux)
log:
[SSH] Opening SSH connection to 192.168.0.122:22.
[SSH] SSH host key matches key seen previously for this host. Connection will be allowed.
ERROR: Server rejected the 1 private key(s) for my_bot (**********)
[SSH] Authentication failed.
Authentication failed.
Launch failed - cleaning up connection
[SSH] Connection closed.
I tried to add key to authorized_keys.. but it did not help
When ssh says "SSH host key" it means the keys in known_hosts.
Check .ssh/known_hosts to see that key.
Although "Connection will be allowed" implies this is not a problem for you.
So ignore that part of the error message.
Your real problem is "ERROR: Server rejected the 1 private key"...
Is they key exchanged ok?
Private key needs to be in jenkins. Also check file permissions.
Public key needs to be on server side. Probably .ssh/authorized_keys. Also check file permissions. Ssh will not allow keys to be used if permissions on .ssh or files contained inside are too open.
More information is needed to help solve the question:
In your question please show the ssh command you use - the full command - do you specify key with -i parameter ?
From jenkins command-line, can you ssh to the host using the same ssh command ?
Do ls -al on jenkins home .ssh dir and on server side .ssh dir to check permissions.
To get more verbose/debug information add -v or -vv or -vvv to your ssh command.
Also look at ssh logs on server side if possible.
In your question you could tidy up the log messages.
Same error seen on this question here and I can see they did chown 744 .ssh/authorized_keys in dockerfile which is the wrong way to set permissions for an authorized_keys file.
https://superuser.com/questions/1403715/why-i-am-getting-error-server-rejected-the-1-private-key-error-on-setting-up-s/1443503#1443503
In Cloud9 I do:
$ git push -u origin --all
The authenticity of host 'bitbucket.org (131.103.20.168)' can't be established.
RSA key fingerprint is 97:8c:1b:f2:6f:14:6b:5c:3b:ec:aa:46:46:74:7c:40.
Are you sure you want to continue connecting (yes/no)?
I added the ssh-key from cloud9 to Bitbucket. Shouldn't that be enough to have Bitbucket authenticated by Cloud9?
No. When you'll first connecting to bitbucket, ssh client on your machine will store RSA fingerprint in file called known_hosts. Then before each connection server fingerprint will be validated with stored one (to avoid man-in-the-middle attack).
So - you need to accept this fingerprint only once (if you're diligent you should compare it with fingerprint provided by bitbucket).
If your key is added, you might be missing this important step...
When we get the prompt Are you sure you want to continue connecting(yes/no)? then we should type yes before hitting the return/Enter key.
Good Luck.