Forum Discussion
Keybased auth for a monitor failing
I'm doing something really simple and I think its down to permissions or file location..
I generated an ssh key pair using ssh-keygen -t rsa
I have then exported the ssh key to the box I want to auth against and I can connect fine from the ltm when logged in as myself to the shell.
However when it runs as an EAV monitor it doesn't look like its authenticating, do I need to generate the key pair for a specific user or should it be system wide?
Thanks in advance.
David
5 Replies
- Cory_50405
Noctilucent
You can use the key at /config/ssh/ssh_host_dsa_key, as that's the machine key. Just provide /config/ssh/ssh_host_dsa_key.pub to the box you want to authenticate against.
- David_Wallis
Nimbostratus
Hmm I've tried this, I'm beginning to think its not the key based auth thats the problem, more executing the command sftp from an eav monitor.
even sftp | logger -p local0.debug doesnt produce any output in the logs where as echo hello | logger -p local0.debug does as expected..
Any suggestions?
- Cory_50405
Noctilucent
You can test just the key based auth by doing ssh user@hostname -i /config/ssh/ssh_host_dsa_key Though it does sound like a permissions issue.
- David_Wallis
Nimbostratus
logged a ticket with support for this now.
- David_Wallis
Nimbostratus
all fixed internally at this end, according to our linux guys its due to the way sftp reports so I needed to redirect std out to std err or vice versa (cant remember) prior to using grep..
So I now have a working SFTP monitor that logs in and verifies the box is available.
Thanks all.
David
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com