public/private key authentication to ESXi

nettech1 · ‎04-15-2020

Hi,

We are trying to configure SSH access to our ESXi hosts using public/private key authentication for some automation tasks with ansible .

On a Linux system running ansible we generated a key pair using ssh-keygen, then we copied the public key to our esxi host using

cat ~/.ssh/id_rsa.pub | ssh root@esxihost1 'cat >> /etc/ssh/keys-root/authorized_keys'

Public key has been verified inside the authorized_keys file

sshd_config had PermitRootLogin set to yes

When we try to SSH to our esxihost1 we are still being prompted for the password

VMware Knowledge Base shows the same process for ssh key authentication

Any help is greatly appreciated

Nawals · ‎04-15-2020

make sure that the contents of authorized_keys is persistent. This ensures that contents gets saved and persists through reboots. To do this, ensure that there is a “T” bit in the permission as following.If it is not persistent for whatever reason, run the following command to make it so:

[root@esxi-01~] chmod +t /etc/ssh/keys-root/authorized_keys

NKS Please Mark Helpful/correct if my answer resolve your query.

nettech1 · ‎04-16-2020

looks like the problem was related to the user name

I am not prompted for the password if I supply root user name before the host name

Nawals · ‎04-16-2020

So your original issue resolved right? however, while using root not prompted for password. It may you have to look your automation script if something define or is there any changes?

NKS Please Mark Helpful/correct if my answer resolve your query.

nettech1 · ‎04-16-2020

yes, the original issue was resolved by supplying the user name.

nettech1 · ‎04-16-2020

while we are on the same topic, is there an official VMWare KB on public / private key authentication to vCenter?

The only guide I found so far is this https://www.virten.net/2015/10/vcsa6-bash-and-ssh-key-authentication/

All

public/private key authentication to ESXi