the command IS ssh root@192.168.1.54 '/sbin/shutdown.sh'
i created the public key on the VMA and copy it to /etc/ssh/keys-root/authoraized_keys on the Esxi 5.1 by cat <key_name>.pub >> /etc/ssh/keys-root/authoraized
overcame the problems of interactive keyboard and Password
cannot find how to resolve Permission denied (publickey).
i generated the key using command -> ssh-keygen
thanks
It's offen a permission Problem on the key files or .ssh dir.
Check /var/log/auth.log on the esxi host for info.
And please post the ls -l output of the keys and the directories they are located in. (On both hosts) If they are set to world readable or something, the authentication will fail.
Regards
Hi,
just to be sure, check your /etc/ssh/keys-root/authorized_keys again, as you misspelled it twice in your post, maybe just a typo?
What permission does the authorized_keys have? Standard permission is 1600
is written ok in the server authorized_keys i just typed wrong in the post,
Even permission 777 on the authorized_keys
also the keys-root upper folder has chmod 777 but the same error Permission denied (publickey).
Run SSH in verbose mode so you get more Details:
ssh -vvv root@esxi-server
Have to define something on known_hosts ? there is no file like this, there are files: see below table
i copied the last debugs
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug2: no key of type 0 for host 192.168.1.250
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts2
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts2
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug2: no key of type 2 for host 192.168.1.250
The authenticity of host '192.168.1.250 (192.168.1.250)' can't be established.
RSA key fingerprint is 1e:98:fc:2b:1b:0f:37:15:11:61:41:6f:c8:2c:36:3d.
Are you sure you want to continue connecting (yes/no)?
So you type yes and what happens then?
Also with which user die you try to login the whole time? root or vi-admin?
User root NOT vi-admin
type yes and put permanently the knowledge of the ESXi into the VMA
then continue like the below (copied and paste the last rows)
asks for password
ROWS: copied and paste
debug1: Host '192.168.1.250' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:2
debug2: bits set: 470/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /root/.ssh/id_rsa (0x7f94fcc8b030)
debug2: key: /root/.ssh/id_dsa ((nil))
debug3: input_userauth_banner
Welcome to vSphere Management Assistant
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /root/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /root/.ssh/id_dsa
debug3: no such identity: /root/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
root@192.168.1.250's password:
thanks!
It's offen a permission Problem on the key files or .ssh dir.
Check /var/log/auth.log on the esxi host for info.
And please post the ls -l output of the keys and the directories they are located in. (On both hosts) If they are set to world readable or something, the authentication will fail.
Regards
Great!
The solution is what you said, excessive permissions
http://www.daveperrett.com/articles/2010/09/14/ssh-authentication-refused/
Finally we’re getting somewhere - bad ownership or modes for directory /home/dave/.ssh.
SSH doesn’t like it if your home or ~/.ssh directories have group write permissions. Your home directory should be writable only by you, ~/.ssh should be 700, and authorized_keys should be 600 :
Thanks a lot!
Ariel
