It does not require a reboot. What likely happened was that the keys had not replicated across the cluster properly. A reboot probably just kicked that into gear.

 

Similar to bug 825392.

 

From: toasters-bounces@teaparty.net [mailto:toasters-bounces@teaparty.net] On Behalf Of Alexander Griesser
Sent: Monday, July 14, 2014 11:50 AM
To: April
Cc: toasters@teaparty.net
Subject: AW: SSH Public Key Authentication in Clustered Data OnTap

 

Hi April,

 

thanks, I’ve done that already and followed the instructions to the T – but I replaced the username „monitor“ in the example with „admin“, which is what I wanted to achieve actually.

But as several others already pointed out: Logging in with admin + public key does not seem to work, creating a new user and uploading the key there worked – I tried that yesterday.

 

Now the funny thing is: When I logged in to the filer _TODAY_ (after I’ve rebooted it, because it’s a new filer and I had to recable some things), I could successfully authenticate myself with the SSH public key now, so it seems that a reboot of the controller is needed to allow SSH authentication using public keys for the admin account…

 

So, thanks, got it sorted actually by means of a reboot :-/

Would be interesting to see if anyone else can confirm that a reboot really fixes it :-)

 

 

best,

 

Alexander Griesser

System-Administrator

 

ANEXIA Internetdienstleistungs GmbH

 

E-Mail: ag@anexia.at

Web: http://www.anexia.at

 

Headquarters address Klagenfurt: Feldkirchnerstraße 140, 9020 Klagenfurt

Managing Director: Alexander Windbichler

Company register: FN 289918a | Place of jurisdiction: Klagenfurt | VAT ID: AT U63216601

 

From: April [mailto:aprilogi@yahoo.com]
Sent: Monday, 14 July 2014 03:32
To: Alexander Griesser
Cc: toasters@teaparty.net
Subject: Re: SSH Public Key Authentication in Clustered Data OnTap

 

Hello Alexander:

 

Try looking at kb.netapp.com

KB1012542

This KB has a YouTube video that demonstrates the procedure. It might help.

 

From what I see below, you create a username admin for your ssh login but you might want to use a different login name so that you don't confuse it with admin.

 

You might check your LIF to see if the LIF allows for the ssh protocol. Generally, the mgmt LIF will do so.

 

Just a few things, but see if the KB helps.

 

--April



On Jul 13, 2014, at 4:25 PM, Alexander Griesser <ag@anexia.at> wrote:

Hey there,

 

I’ve tried to set up SSH public key authentication on a new cluster pair (8.2.1P1) today and failed miserably – has anyone configured that as of yet?

 

What I’ve done (and what seems to be the correct procedure) is:

 

security login create -username admin -application ssh -authmethod publickey -role admin -vserver CLUSTERNAME

security login publickey create -vserver CLUSTERNAME -username admin -index 0 -publickey "ssh-rsa AAAAB3....C8=" -comment ANEXIA

 

The resulting configuration looks like that:

 

::> security login show -application ssh

Vserver: CLUSTERNAME
                             Authentication                  Acct
UserName         Application Method         Role Name        Locked
---------------- ----------- -------------- ---------------- ------
admin            ssh         password       admin            no
admin            ssh         publickey      admin            -
2 entries were displayed.

::> security login publickey show

Vserver: CLUSTERNAME
UserName: admin            Index: 0
Public Key:
ssh-rsa AAAAB3....C8=
Fingerprint:
a7:08:e1:0d:22:ea:59:97:f9:3e:5c:1d:2a:84:ec:40
Bubblebabble fingerprint:
xokel-...-soxex
Comment:
ANEXIA

 

But when I try to login using username „admin“ and my private key (which works on hundreds of other boxes and also on all of my 7-mode filers), the filer just seems to refuse my key and prompts me for the password.

 

Also (maybe unrelated), when logging in via SSH, I do always get this warning message:

 

Could not chdir to home directory /var/home/admin: No such file or directory

 

Getting this on two Clustered Data Ontap systems so far, both running 8.2.1.

 

Thanks,

 

Alexander Griesser

System-Administrator

 

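Added example, not part of the original thread and not NetApp code: a workstation-side check that the key stored on the cluster is the key you intend to log in with, by recomputing the fingerprint in the format shown in the "security login publickey show" output of the original post and comparing the two. It assumes the Fingerprint field is the classic colon-separated MD5 of the decoded key blob (which its 16-byte form matches); the function names are hypothetical and the sample key is constructed inline.

```python
import base64
import hashlib
import struct


def _ssh_string(data: bytes) -> bytes:
    """Length-prefixed string as used in the SSH public key wire format."""
    return struct.pack(">I", len(data)) + data


def _ssh_mpint(value: int) -> bytes:
    """Positive multi-precision integer; the extra byte keeps the sign bit clear."""
    return _ssh_string(value.to_bytes(value.bit_length() // 8 + 1, "big"))


def parse_pubkey_line(line: str) -> tuple[str, bytes]:
    """Split '<type> <base64> [comment]' and check the blob's embedded type."""
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    blob = base64.b64decode(fields[1], validate=True)  # rejects elided/garbled pastes
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != fields[0].encode("ascii"):
        raise ValueError("key type label does not match the key blob")
    return fields[0], blob


def md5_fingerprint(line: str) -> str:
    """Colon-separated MD5 fingerprint of the key blob (identifier, not a security use)."""
    digest = hashlib.md5(parse_pubkey_line(line)[1], usedforsecurity=False).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, 32, 2))


def matches_filer(line: str, filer_fingerprint: str) -> bool:
    """True if the local key line hashes to the fingerprint the filer displays."""
    return md5_fingerprint(line) == filer_fingerprint.strip().lower()


# Constructed sample key (toy 127-bit modulus, not a usable key).
_BLOB = _ssh_string(b"ssh-rsa") + _ssh_mpint(65537) + _ssh_mpint(2**127 - 1)
SAMPLE_KEY = "ssh-rsa " + base64.b64encode(_BLOB).decode() + " constructed-example"
FILER_FINGERPRINT = "a7:08:e1:0d:22:ea:59:97:f9:3e:5c:1d:2a:84:ec:40"  # from the thread

if __name__ == "__main__":
    print("local fingerprint:", md5_fingerprint(SAMPLE_KEY))
    print("matches filer:", matches_filer(SAMPLE_KEY, FILER_FINGERPRINT))
```

Run it against the contents of your own .pub file in place of SAMPLE_KEY; a mismatch means the key on the cluster is not the one your client is offering.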