Forum Discussion

David_Wallis's avatar
David_Wallis
Icon for Nimbostratus rankNimbostratus
Jan 27, 2014

Keybased auth for a monitor failing

I'm doing something really simple and I think its down to permissions or file location..

 

I generated an ssh key pair using ssh-keygen -t rsa

 

I have then exported the ssh key to the box I want to auth against and I can connect fine from the ltm when logged in as myself to the shell.

 

However when it runs as an EAV monitor it doesn't look like its authenticating, do I need to generate the key pair for a specific user or should it be system wide?

 

Thanks in advance.

 

David

 

5 Replies

  • You can use the key at /config/ssh/ssh_host_dsa_key, as that's the machine key. Just provide /config/ssh/ssh_host_dsa_key.pub to the box you want to authenticate against.

     

  • Hmm I've tried this, I'm beginning to think its not the key based auth thats the problem, more executing the command sftp from an eav monitor.

     

    even sftp | logger -p local0.debug doesnt produce any output in the logs where as echo hello | logger -p local0.debug does as expected..

     

    Any suggestions?

     

    • Cory_50405's avatar
      Cory_50405
      Icon for Noctilucent rankNoctilucent
      You can test just the key based auth by doing ssh user@hostname -i /config/ssh/ssh_host_dsa_key Though it does sound like a permissions issue.
  • all fixed internally at this end, according to our linux guys its due to the way sftp reports so I needed to redirect std out to std err or vice versa (cant remember) prior to using grep..

     

    So I now have a working SFTP monitor that logs in and verifies the box is available.

     

    Thanks all.

     

    David