Latest News:
2018-11-29: XigmaNAS 11.2.0.4.6229 - released!

We really need "Your" help on XigmaNAS https://translations.launchpad.net/xigmanas translations. Please help today!

Producing and hosting XigmaNAS cost money, please consider a donation to our project so we can continue to offer you the best.
We need your support! eg: PAYPAL

SSH Key Login with RSA KEY

Secure shell connections.
Forum rules
Set-Up GuideFAQsForum Rules
Post Reply
Cramin
Starter
Starter
Posts: 30
Joined: 14 Jul 2014 07:57
Location: Myszkow (Poland)
Contact:
Status: Offline

SSH Key Login with RSA KEY

#1

Post by Cramin » 22 Sep 2015 19:33

English is not my native language.
  1. Add user from WEBGUI, Apply Changes
  2. Enable SSH service from WEBGUI, Apply Changes
  3. Log in to SSH, enter login and password

    Code: Select all

    Welcome to NAS4Free!
    [sshuser@piecyk ~]$
  4. We need create home dir for this user

    Code: Select all

    [sshuser@piecyk ~]$mkdir -p /mnt/DATA/sshuser/.ssh
  5. Go to created directory

    Code: Select all

    [sshuser@piecyk ~]$ cd /mnt/DATA/sshuser/.ssh
  6. Generate ssh keys

    Code: Select all

    [sshuser@piecyk ~/DATA/sshuser/.ssh]$ ssh-keygen
    Generating public/private rsa key pair.
    Enter file in which to save the key (/mnt/.ssh/id_rsa): /mnt/DATA/sshuser/.ssh/id_rsa
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in /mnt/DATA/sshuser/.ssh/id_rsa.
    Your public key has been saved in /mnt/DATA/sshuser/.ssh/id_rsa.pub.
    The key fingerprint is:
    28:84:8a:0a:e3:5e:d5:50:dc:20:d5:80:ae:82:cd:66 sshuser@piecyk.local
    The key's randomart image is:
    +--[ RSA 2048]----+
    |     .+==        |
    |   . .o. o       |
    |  . o.           |
    |.. . .o.         |
    |*o  o...S        |
    |=oE...           |
    |.+..             |
    |. .              |
    | .               |
    +-----------------+
  7. Create authorized_keys file

    Code: Select all

    [sshuser@piecyk ~/DATA/sshuser/.ssh]$ cp id_rsa.pub authorized_keys
  8. Copy private key to your client PC (SCP, FTP, SMB)
  9. Add home dir for user from WEBGUI, Apply Changes
  10. I'm using Putty so I have to import private key in puttygen.exe and export to .ppk private key. Then add .ppk key in Putty

    Code: Select all

    Using username "sshuser".
    Authenticating with public key "NAS4FREE SSH KEY"
    Last login: Tue Sep 22 18:33:00 2015 from 10.0.250.13
    Welcome to NAS4Free!
    [sshuser@piecyk ~]$
Last edited by Cramin on 15 Feb 2016 07:44, edited 1 time in total.
Intel SS4200-E - 11.2.0.4 - Omnius P2C E2200 + 2GB DDR2 + 2x (Raid1 2x500GB WD) - Home
MSI G41M-P28 S771Mod - 11.2.0.4 - Omnius Xeon E5320 + 4GB DDR3 + Raid1 2x500GB Samsung - Work

pdrass
NewUser
NewUser
Posts: 1
Joined: 14 Feb 2016 23:59
Status: Offline

Re: SSH Key Login with RSA KEY

#2

Post by pdrass » 15 Feb 2016 00:13

This doesn't work and I'm not certain how you got it to work. All I get are errors and I suspect it's some twerky nas4free wacky problem.

I've even tried overriding the authorized keys file location which you don't declare.

AuthorizedKeysFile %h/.ssh/id_rsa

Again...I'm stumped at how you got this working. You also don't tweak any permissions for your authorized keys.

Cramin
Starter
Starter
Posts: 30
Joined: 14 Jul 2014 07:57
Location: Myszkow (Poland)
Contact:
Status: Offline

Re: SSH Key Login with RSA KEY

#3

Post by Cramin » 15 Feb 2016 07:52

Show me yours errors.
I declared autgorized_keys file location: [sshuser@piecyk ~/DATA/sshuser/.ssh]$ cp id_rsa.pub authorized_keys
All commands are executed in directory created by the command mkdir -p /mnt/DATA/sshuser/.ssh
Permissions of authorized_keys are the same as permissions of file id_dsa_pub

Code: Select all

-rw-r--r--  1 sshuser  sshuser   398 Feb 15 07:43 authorized_keys
-rw-------  1 sshuser  sshuser  1675 Feb 15 07:38 id_rsa
-rw-r--r--  1 sshuser  sshuser   398 Feb 15 07:38 id_rsa.pub
Sorry for my english.
Intel SS4200-E - 11.2.0.4 - Omnius P2C E2200 + 2GB DDR2 + 2x (Raid1 2x500GB WD) - Home
MSI G41M-P28 S771Mod - 11.2.0.4 - Omnius Xeon E5320 + 4GB DDR3 + Raid1 2x500GB Samsung - Work

danmero
NewUser
NewUser
Posts: 8
Joined: 16 Feb 2016 04:23
Status: Offline

Re: SSH Key Login with RSA KEY

#4

Post by danmero » 16 Feb 2016 05:05

!!! Once generate and test the ssh key login you shoud/must disable "Enable keyboard-interactive authentication" on SSH. !!!

dubov
NewUser
NewUser
Posts: 1
Joined: 04 Apr 2016 14:01
Status: Offline

Re: SSH Key Login with RSA KEY

#5

Post by dubov » 04 Apr 2016 14:07

Help me, please!
I installed Nas4Free two years ago. And I upgraded it to current version (10.2.0.2).
After I run "ssh-keygen" I see: "OpenSSL version mismatch. Built against 90819f, you have 1000110f"

Tell me, please, how I may fix this problem.

UPD: I fixed the problem.
For all: after upgrading some old libraries are still in the system. For example, libssh and libssl. You need delete it for correctly work NAS4Free.

# ls -la /usr/lib/libss*
-rwxr-xr-x 1 root wheel 370864 Jan 20 2014 /usr/lib/libssh.so.5
-rwxr-xr-x 1 root wheel 355416 Jan 20 2014 /usr/lib/libssl.so.6
-rwxr-xr-x 1 root wheel 442736 Mar 17 18:35 /usr/lib/libssl.so.7
# mv /usr/lib/libssh.so.5 /usr/lib/libssh.so.5-
# mv /usr/lib/libssl.so.6 /usr/lib/libssl.so.6-

Bruce
NewUser
NewUser
Posts: 10
Joined: 06 Mar 2017 14:39
Status: Offline

Re: SSH Key Login with RSA KEY

#6

Post by Bruce » 21 Apr 2017 07:37

I'm using Putty,

Code: Select all

Server refused our key
Using keyboard-interactive authentication.
Help me, please!

User avatar
raulfg3
Site Admin
Site Admin
Posts: 4627
Joined: 22 Jun 2012 22:13
Location: Madrid (ESPAÑA)
Contact:
Status: Offline

Re: SSH Key Login with RSA KEY

#7

Post by raulfg3 » 21 Apr 2017 08:37

Bruce wrote:
21 Apr 2017 07:37
I'm using Putty,

Code: Select all

Server refused our key
Using keyboard-interactive authentication.
Help me, please!
please read WiKi: https://nas4free.org/wiki/documentation ... entication
XigmaNAS 11.2.0.4 - Omnius (revision 6195)+OBI on SUPERMICRO X8SIL-F 8GB of ECC RAM, 12x3TB disk in 3 vdev in RaidZ1 = 32TB Raw size only 22TB usable

Wiki
Last changes
Old Wiki

biggsy
Starter
Starter
Posts: 50
Joined: 02 Jul 2012 10:24
Location: Sydney, Australia
Status: Offline

Re: SSH Key Login with RSA KEY

#8

Post by biggsy » 17 Aug 2018 07:50

Apologies for resurrecting an old thread but I have just been working through all my servers, changing them to accept only key-based SSH login.

Not paying enough attention, I pasted my desktop's public key into Services>SSH and, when the key was refused, I noticed that the GUI was asking for a private key. I then realized that this is the config for the XigmaNAS SSH Client. That's what brought me to this topic.

Would it not be fairly easy to provide a GUI method to update a user's authorized_keys file, instead of the command line method described in the first post of this thread?

That then prompts me to ask how come root isn't listed under Access>Users?

Thanks

Post Reply

Return to “SSH”