I was trying to login to a docker lab host using Putty but not able to login. The error is :-
'no authentication method available server sent public key'.
If I pass both username#server name i get error.
If I only pass the server name i get to the login screen but then when i enter my username the error pops up
I tried searching the web but couldn't find.
Please can anyone help me.
You can refer to the article "PWD + SSH = ❤" (with "PWD" = "Play With Docker").
The full command should be:
ssh -p 1022 <instance_ip_with_dashes>-<short_session_id>#pwdhost
But that requires on the client side to have in $HOME/.ssh
id_rsa: the private key
id_rsa.pub: the public key registered in <instance_ip_with_dashes>-<short_session_id> home.
Since copying a private key is not a good practice, you can do the opposite (in a Git bash session, not using putty):
ssh-keygen -t rsa -P "" -f ~/.ssh/id_rsa
Copy the public generated key to ~<instance_ip_with_dashes>-<short_session_id>/.ssh/authorized_keys
Then your SSH session will be possible.
Note: All that is managed for you if you are using the docker-machine pwd driver, as shown in the article above:
As you can see, in that case, a docker-machine ssh is enough.
http://github.com/play-with-docker/play-with-docker/issues/285
Actually I had to create or generate keys on the client. In order to start the communication between the client and the server.But I was copying the private key of the server silly me.
Key generation can be done in 2 ways
1. If you are using git run ssh-keygen
2. If you want to login using putty the first generate keys using puttygen and then attached the private key .ppk while ssh.
Related
I have little idea in security aspects in and outside docker world.
As the document states, I tried the below command
docker trust key generate jeff
Whenever I run this command first time it will automatically generate a root key. Isn't it possible to generate a root key based on my own existing pem file? I have checked docker and notary client/ server etc there is no information regarding this. I hope this is a valid question.
Yes we can do that
Reference Link:https://docs.docker.com/engine/reference/commandline/trust_key_load/#:~:text=docker%20trust%20key%20load%20adds%20private%20keys%20to,this%20command%2C%20refer%20to%20the%20examples%20section%20below.
Below are the steps to load existing pem file (ie private key) .It works only in windows VM Image.(Not Ubuntu Image)
set DOCKER_CONTENT_TRUST=1
docker trust key load privatekey.pem --name username
Enter passphrase :
docker trust signer add --key publickey.pem username dockerimageregistry.azurecr.io/hello-world:signed
I need to perform a check on the SSH Credentials in a Jenkins server against some of our accounts in GitHub.
Now, using the GitHub API, I can pull a list of pubkeys associated to an account.
Using com.cloudbees.plugins.credentials I can dump the credentials in the Jenkins server. For SSH Credentials, I only get the Private Key (and its password), but neither the Public Key nor Keysig is available.
Is there a way to get SSH Public Key and/or SSH Key Signature from the retrieved Private Key?
Once you got the private keys from jenkins using the com.cloudbees.plugins.credentials, you can generate the the public key associated to each one using the next commands:
For example:
ssh-keygen -e -f private_key > private_key.pub
You can also identify the user in GitHub using the private key by executing:
ssh -i /path/to/private_key -T git#github.com
Cheers
Trying to connect to the server using Jenkins ssh plugin and executing some commands. It's connected but sesu command is not working. Jenkins is unable to recognize sesu command. It says sesu : not found no such file or directory. When trying with putty, sesu command is working. Jenkins version is 2.7. Please help me on same. Thanks in advance. :)
Use locate sesu command. It will show path of sesu command. Use that one in spite of only sesu. e.g. /opt/CA/AccessControl/bin/sesu
As we can't enter password on Jenkins at run-time. Other option for accessing server is generate ssh-key. Use that key to access server from Jenkins.
Use putty or similar tools to create key.
Firstly, log in to your server using credentials.
Then switch to user who has all access rights by using sesu or other switch user command like sudo su.
Execute below steps after that :
ssh-keygen -t rsa
hit enter for all steps without entering input.
then,
Once key is created, type cp ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys hit [Enter]
use created rsa private key after all these step in SSH plug and you are able to access unix server from Jenkins and execute commands on that server.
Having trouble finding information on using Jenkins SSHD, there's a RSA key (publickey?) supplied by the X-Instance-Identity header when browsing the top page.
Trouble is, it's not clear how to use this.
I've tried the obvious, and added it to ~/.ssh/id_rsa_jenkins and then attempted to connect, after first setting the SSHD port in Jenkins config to 8822
ssh -i ~/.ssh/id_rsa_jenkins -p 8822 jenkins_server
(and alternatively)
ssh -i ~/.ssh/id_rsa_jenkins -p 8822 user#jenkins_server
However, with both of these connection attempts, I'm challenged for a passphrase, which I don't have (attempting to use the user login fails.)
Does anyone have any ideas?
Managed to figure this out, from the Jenkins top page (when logged in)
> People > User > Configure
Then find SSH Public keys, paste the rsa/dsa public key in here and save, and you can log in.
I am following this guide: https://thesweetsetup.com/how-to-use-digital-ocean-for-web-development-on-an-ipad/ To setup an environment on an iPad using Blink/Mosh.
I generated a droplet in the DO UI and added the public key I created using ssh-keygen in blink (also tried ssh-keygen -m pem). When I do ssh root#<IP-ADDRESS. I get the usual dialog:
Ed25519 key fingerprint is SHA256:<key>.
The server is unknown.
Do you trust the host key? (yes/no): yes
This new key will be written on disk for further usage.
Do you agree? (yes/no): yes
After this I just get back to blink. If I try to SSH again nothing happens. If I try to say ssh -i id_rsa root#<IP-ADDRESS> also nothing happens.
What am I doing wrong? I found this: https://github.com/blinksh/blink/issues/725 But do not understand what to do to fix.
I had this same problem. The blink terminal didn't give me any output or anything. The problem is that you have to give the full path of the id_rsa file (from the perspective of your default blink directory). So instead of ssh -i id_rsa root#<IP-ADDRESS>, do ssh -i .ssh/id_rsa root#<IP-ADDRESS>.
Btw one difference in our ssh key creation is that you created your key with the command ssh-keygen -m pem while I used ssh-keygen -t rsa -b 4096. I don't think that should be a problem though.
I had this same issue on some DO droplets I had. I had already set up the droplets with another key and added a new one for my blink app through the DO interface with no luck.
Realized that I had to still add the new public key to the authorized keys file in your users .ssh directory. ( ~/.ssh/authorized_keys ) and this solved my problem.
I did this through the device I was already using successfully, and copied to new key to that device to paste in.