Hello everyone,
I am attempting to ssh into a 7750 SR router through a script running on a solaris 5620 SAM server. And, since ssh requires input from tty as a security feature (afaik), I can't just send a password through the script, I need to configure it to log in with dsa keys. I have generated a key pair on my local machine, and put the public key onto the router in cf3:/.ssh/authorized_keys/id_dsa.pub. I have set the permissions of id_dsa.pub, authorized_keys/, and .ssh/ to +r. The private key (id_dsa) resides in /opt/5620sam/server/.ssh.
From the sam server, I execute ssh -i /opt/5620sam/server/.ssh/id_dsa username@addr
However, it is still asking me to input a password.
Does anyone have an idea of what I might be doing wrong?
Thanks.
SSH without password using dsa keys
-
Jyan
Re: SSH without password using dsa keys
I am assuming I have placed the public key into the wrong file, and possibly gave it the wrong name as well. The question should simply be: Where does the 7750 check for public keys, and what should they be named?
Re: SSH without password using dsa keys
I don't believe the use of public/private keys is supported.
You have to get SAM to supply a password when using SSH.
You have to get SAM to supply a password when using SSH.
-
Jyan
Re: SSH without password using dsa keys
I got in touch with tech support at Alcatel. You are right, keyed ssh is not supported.
-
Badger
Re: SSH without password using dsa keys
I was able to use expect to script some basic SSH commands on my nodes, basically login, turn on telnet and then logout. I then used telnet for everything else I wanted to script. Keep in mind this was a lab environment and not production, so security wasn't an issue.
-
garci66
Re: SSH without password using dsa keys
Sorry for reviving an old thread, but wanted to share some enhancements. SSH with keys is possible starting on 12.0R4. Se below for the details:
You can create pair of key on Linux:
# ssh-keygen -b 1024
Private key will be in /root/.ssh/id_rsa.
Public key will be in in /root/.ssh/id_rsa.pub.
You need to copy your public key into SROS:
From Linux:
On node:
It should work with ssh, scp and sftp
Keep in mind that only 1024 bit keys are currently supported
You can create pair of key on Linux:
# ssh-keygen -b 1024
Private key will be in /root/.ssh/id_rsa.
Public key will be in in /root/.ssh/id_rsa.pub.
You need to copy your public key into SROS:
From Linux:
Code: Select all
cat ~/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCzbxLdCel+HOooNYkstzu6dpI559ZTwXLwp51H2QKZmvR9E5Ik1ZyjHIpn9JJYQxpRCoCgxEpX6b3Y9iW2rMnUvBxCOiqD2bFoO5OcBf3SdpK4b1kg7laG17/wWH1yLEDvaxWJScSVoxTb9Ki/Qgdo19zWnZLxj3gX+Aq92AZo7Q== root@freeradius
Code: Select all
configure
system
security
user "sshey"
access console
rsa-key 1 “AAAAB3NzaC1yc2EAAAADAQABAAAAgQCzbxLdCel+HOooNYkstzu6dpI559ZTwXLwp51H2QKZmvR9E5Ik1ZyjHIpn9JJYQxpRCoCgxEpX6b3Y9iW2rMnUvBxCOiqD2bFoO5OcBf3SdpK4b1kg7laG17/wWH1yLEDvaxWJScSVoxTb9Ki/Qgdo19zWnZLxj3gX+Aq92AZo7Q==”
exit
exit
exit
exitKeep in mind that only 1024 bit keys are currently supported
